Posts
“HELLO GREY-SLOAN MEMORIAL
Currently, we control your hospital. We own your servers.”
The message demands 4,932 bitcoin — about $20 million in the show but over $71 million as of January 2, 2018 — for an encryption key to unlock the medical records. The records will be destroyed if the ransom isn’t paid in a timely manner.
How will you respond when ransomware targets your business? We say “when” because 71 percent of cybersecurity experts believe there’s a moderate to extreme possibility their organizations will experience ransomware attacks in the next 12 months.
Here are our top recommendations for protecting your data against ransomware in 2018.
Prepare for Ransomware in the Cloud
Your risk increases if employees access data stored in the cloud using personal devices that aren’t properly maintained, patched and updated. To reduce ransomware threats from shadow IT, make sure you have a bring-your-own-device (BYOD) policy in place, look for unusual activity on the network and follow the rest of our tips below.
Patch Everything
vulnerabilities in older Microsoft operating systems. In fact, as Webroot’s VP of cybersecurity and engineering points out, many of 2017’s ransomware attacks could have been mitigated simply by patching systems. It’s worth noting that the colossal Equifax breach — although not a ransomware attack — was reportedly caused by an employee’s failure to apply a software patch.
To thwart criminals exploiting known vulnerabilities in trusted applications, the solution is simple (though admittedly easier said than done): Patch everything. Patch your applications, software, hardware and connected devices as soon as updates are available.
Train Employees to Look for the Latest Phishing Scams
It’s getting harder to spot scams because scammers are skilled at harvesting data from social networks and other online researchers to spoof an email from a well-known brand or impersonate trusted content. In fact, spoofing and impersonation comprise 67 percent of successful phishing attacks. Spammers are also hijacking legitimate domains, which they use to create phishing pages. The sites’ good reputations allow the newly created phishing pages to slip past anti-phishing filters.
However, these are only two examples of a growing list of phishing tactics. That’s why it’s important to regularly train employees how to look for the telltale signs of phishing attacks. Training should be mandatory, but to fully engage employees, communicate the message that they’ll learn valuable cybersecurity skills to apply in their personal lives. After all, phishing and ransomware target individuals too.
Maintain Backups and Test Your Restore Process
WannaCry, for example, deleted volume shadow copies, which Microsoft Windows automatically creates to allow users to easily recover their data. Network-attached backups are also at risk. After having its data encrypted by ransomware, one police station refused to pay the ransom, knowing that its data was backed up. Unfortunately, the backups were attached to the network and had also been encrypted.
To protect yourself, back up your data frequently and segregate it from your production environment. Be sure to monitor backups for completeness and accuracy as well.
Of course, a backup is only as good as the restore, so it’s important to routinely test your restore process. Include any disaster recovery vendors you work with in your tests to make sure they can restore your company’s data within your recovery time objectives (RTOs).
Know How You’ll Respond to a Ransomware Attack
