Minimizing Ransomware Risk

Ransomware is dominating the headlines so far in 2016. The number and severity of ransomware attacks has been increasing. Recent ransomware attacks against school districts, healthcare providers, state and local governments, and enterprises illustrate that criminals have shifted away from targeting just consumers, and instead are focusing on companies who will pay higher ransoms.

Consider the following recent high-profile attack, and you’ll start to get an idea of how dangerous and nimble ransomware can be.

Hollywood Presbyterian Hospital – Using phishing to trick an unsuspecting employee, attackers seized the hospital’s entire IT system, stalled critical healthcare related communications and extorted $17,000 in ransom.

Companies and individuals who have been paying the ransoms have enabled the criminals that create these malicious programs, to ramp up development and make the attacks more sophisticated. Apple OS X – Typically thought of as less vulnerable to viruses and malware, still ransomware hackers are now successfully targeting OS X systems through sophisticated phishing emails that use malware to encrypt the data and render it inaccessible until a ransom is paid.

The Federal Bureau of Investigation (FBI) reports seeing a dramatic increase of these type of cyber-attacks paired with increasingly higher ransom requests. If the first quarter of this year is any indicator, we’ll see the number of ransomware incidents surpass last year’s record, which totaled 2,453 reported incidents and approximately $24.1 million in ransom paid by victims.

So how do I help Minimize Risk?

  • Monitored Backups–The most common advice to recover from an attack by ransomware relies largely on whether a good backup policy is employed for your data and entire system backups. Store backups in an offline environment because many ransomware variants will try to encrypt data on connected network shares and removable drives. If possible, use a hybrid backup solution that keeps copies of your data locally and in the cloud. This way if one of your backups is compromised you will have a greater chance of success in restoring your data.

 

  • Layered Security–Having a layered approach to security should be taken seriously for repelling ransomware. The best way to protect against a virus is to have defenses to ensure you never receive any viruses in the first place. Deploy a layered approach utilizing technologies such as anti-virus, web filtering and firewalls. Apply access controls, including file, directory, and network share permissions to limit the exposure of non-administrator users to sensitive data.

 

  • Stay Updated–Frequently update anti-virus and anti-malware with the latest signatures and perform regular scans. Create an application whitelist, allowing only specific programs to run on a computer.

 

  • Request Support–If you have questions, do not be afraid to call your IT department or vendor. They will be able to help you try to minimize the damage and get started on data recovery.

Kyvon Malware Risk

Written by