There has been a marked increase in ‘Ransomware’ attacks in recent years. Dan Whitcomb, writing for YahooTech reports that “More than $209 million in ransomware payments were made in the United States alone during the first three months of 2016, according to FBI statistics…” Cyber attackers typically use malware such as CryptoLocker in their ransomware attacks which computer users download to their systems. Once in a system the malware encrypts all the data and then displays a message demanding payment (often in bitcoins) for the ‘key’ to unlock the data. Victims then have the option to pay or lose all their data.
Ransomware has gained so much attention that legislators in the great state of California are now taking action to make it illegal to conduct this ‘crime’ in that state. Reporting for the LATimes, Jazmine Ulloa writes that “Under the proposed legislation, the punishment for such a crime could be up to four years in prison and a $10,000 fine”. Some are claiming that this is really just a ‘feel good’ piece of legislation since the major portion (over 90% by some estimates) of ransomware attacks originate from Russia, thereby making the chances of prosecution highly unlikely. Still, if nothing else, it helps to raise the awareness of cybercrime amongst the populace.
The following are tips from the FBI on how to lessen the chances of ransomware appearing in your system:
Tips for Dealing with the Ransomware Threat
- Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
- Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
- Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
- Manage the use of privileged accounts—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
- Configure access controls, including file, directory, and network share permissions appropriately. If users only need read specific information, they don’t need write-access to those files or directories.
- Disable macro scripts from office files transmitted over e-mail. Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).
Business Continuity Efforts
- Back up data regularly and verify the integrity of those backups regularly.
- Secure your backups. Make sure they aren’t connected to the computers and networks they are backing up.
Few systems are completely safe from hackers, but if individuals and organizations adhere to a few basics of cybersecurity they can lessen their chances of attack or make the recovery easier if the dreaded ‘Warning RANSOMWARE’ message appears on their computer screens.
FBI News (2016). Incidents of Ransomware on the Rise. Retrieved from the Internet at https://www.fbi.gov/news/stories/incidents-of-ransomware-on-the-rise
Ulloa, J. (2016). Why lawmakers are trying to make ransomware a crime in California. Retrieved from the Internet at http://www.latimes.com/politics/la-pol-sac-crime-ransomware-bill-20160712-snap-story.html
Whitcomb, D. (2016). California lawmakers take step toward outlawing ‘ransomware’. Retrieved from the Internet at https://www.yahoo.com/tech/california-lawmakers-step-toward-outlawing-ransomware-221632078.html