The news is full of yet more ransomware attacks. The U.S. House of Representatives’ Information Security Office last week announced they are blocking Yahoo Mail accounts due to the massive number of ransomware attempts. In many of these attempts, zip files attached to emails contain ransomware. One study, by Enigma Software, found that ransomware volume in April 2016 was more than double that of March 2016.
In one twist to ransomware attacks, the cybercriminal states the ransom will go to charity. Unfortunately, not only is the criminal stealing from you, you have no way to know if the claim is true. Here is a write-up on the ransomware from security company Heimdal Security. Another criminal asked that the ransom be paid with an Amazon gift card.
Should you pay the ransom?
The FBI issued an alert on the rise of ransomware in late April. This alert specifically states “The FBI doesn’t support paying a ransom in response to a ransomware attack.”
FBI Cyber Division Assistant Director James Trainor states: “Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”
What you can do
In addition to the standard security measures of keeping software up to date and running frequent backups that are stored disconnected from your servers, here are additional measures to implement:
Block third party, web-based mail applications
If your business is using popular email applications, consider moving to your own email system. These common applications are frequent targets for messages with ransomware embedded. Email addresses are easy to guess or automatically generate. If you are already running your own email system, block third party applications to reduce the chances of ransomware attacks on your system. People can use their own smartphones to check personal email accounts.
Limit administrator access
A typical business needs only a very few users with full administrator access. By reducing the number of administrator-level users, you reduce the chances of malware getting to your sensitive data on the network servers.
Uninstall unnecessary plugins
Over time, computers and networks gather plugins that are not used frequently. Have your IT specialist scan every week for any plugins that are not absolutely needed. Plugins like Adobe Flash continue to have security vulnerabilities, and cyber criminals exploit these flaws to gain access with ransomware and other malware.
Talk about ransomware instances
The more people talk about ransomware attacks with their fellow workers, the more people will be aware of the chances they might be attacked. This will generally lead to people being more cautious.
Run ad blockers
Have your IT specialist install ad blocker software on your company’s equipment. If your employees want to shop during work hours, encourage them to do it on their own devices or set up a separate internet-enabled computer not connected to your network. Popup ads often have ransomware embedded, even on reputable websites.
Learn more about protecting yourself and your business at the National Cybersecurity Institute.
FBI. (2016, April 29). Incidents of ransomware on the rise: Protect yourself and your organization. Retrieved from https://www.fbi.gov/news/stories/2016/april/incidents-of-ransomware-on-the-rise/incidents-of-ransomware-on-the-rise
Goldsparrow. (2016). April 2016 was the worst month for ransomware on record in the US. Enigma Software. Retrieved from http://www.enigmasoftware.com/april-2016-worst-month-ransomware-record-us/
Zaharia, A. (2016). Security alert: New ransomware promises to donate earnings to charity. Heimdal Security. Retrieved from https://heimdalsecurity.com/blog/security-alert-new-ransomware-donate-earnings-charity/