July 10, 2016 –
Ransomware is, of course, malicious software that can do terrible harm your company.
Published reports indicate ransomware cost businesses $350 million in 2015. The FBI considers ransomware attacks one of the three worst cyber threats.
“Ransomware encrypts the files on your computer or network with an ‘encryption key’ known only to the cybercriminal,” writes Kimberly Pease, vice president of Citadel Information Group ().
“The cybercriminal then offers to sell you the key to decrypt your files. Ransomware, like other forms of malware [malicious software], often gets on a computer through phishing,” she explains.
“Other ‘delivery vectors’ include visiting a booby-trapped website and infected USB-drives,” she adds.
Kimberly Pease
Citadel is the No. 1 information-security management consulting firm, which is based in Los Angeles.
(Note: The firm’s president, Stan Stahl, Ph.D., is also a widely recognized expert, and is a trusted longtime friend and he’s been quoted in numerous articles.)
Unnerving developments
From media articles that were listed in her Weekend Vulnerability and Patch Report, consider a sample of unnerving headlines:
Updated CryptXXX Ransomware becomes more dangerous as it now steals credentials CryptXXX ransomware has received a major overhaul by its authors, putting it on the fast track to unseat Locky as top moneymaker for criminals. ThreatPost, June 3, 2015
Ransomware-as-a-Service business model emerges in Russia; cybercriminals easily earn $90,000 / yr: Ransomware as a business is maturing and nowhere is that better illustrated than in Russia, according to Flashpoint researchers.
AMAZON USERS TARGETS OF MASSIVE LOCKY SPEAR-PHISHING CAMPAIGN: Amazon customers were targeted in a massive spear phishing campaign where recipients received Microsoft Word documents with a macro that triggered downloads of the Locky ransomware. Researchers at Comodo Threat Research Labs say it is one of the largest spam ransomware campaigns this year.ThreatPost, May 26, 2016
But here’s some good news: It’s possible to defend against ransomware, according to Ms. Pease.
“Citadel urges all organizations to review their information security management practices to ensure they are taking appropriate steps to guard against a ransomware infection and to test their backup / recovery capabilities to ensure their ability to fully recover from a ransomware attack,” she writes.
“Happiness has many roots, but none more important than security.”
-E. R. Stettinius
To keep from being infected, from her newsletter Ms. Pease offers valuable strategies:
Train Users
- Provide all users cybersecurity awareness training so they can be vigilant against phishing attacks. [Citadel provides awareness training, including simulated phishing attacks. Contact us for more information.]
- Teach users the phishing danger signals.
- Teach users to not click on links or attachments in emails unless they know the email is legitimate and its contents are safe.
Make sure IT does their part
- Keep operating system and applications patched with the latest updates. [Sign up for Citadel’s Free Weekly Cybersecurity Newsletter, including our Weekend Vulnerability and Patch Report]
- Maintain up-to-date anti-virus software, and scan all software downloaded from the internet prior to executing.
- Set all user accounts with limited — non-administrative — privileges.
- To the extent IT can manage it, they should use application whitelisting to identify the programs that are allowed to run.
Recover from ransomware
“Good backups are the only way to recover from ransomware. With backups, you can restore the files that have been encrypted. Without these backups, you’re stuck without your valuable files until you pay the ransom,” explains Ms. Pease.
“It is critical that IT verifies its ability to fully recover from a ransomware attack. It’s not enough for them to test their ability to recover a file or a folder. IT needs to test their ability to fully restore all working files from backup,” she concludes.
From the Coach’s Corner, here are more articles on information security:
Protect Your Bank Accounts So You Can Sleep at Night — Imagine for a moment — you’re sitting at your desk enjoying a second cup of morning coffee. Then, your phone rings. It’s a call from your bank to discuss possible fraud. Your bank is concerned about possible suspicious activity with your accounts, and wants to make sure you’re not a victim.
Security Expert Warns about Using App that Emails Money — A service by a company called Square Inc. will allow you to e-mail money to your friends free-of-charge. But an IT security expert issues a warning.
“Happiness has many roots, but none more important than security.”
-E. R. Stettinius
__________