Ransomware is causing a stir, so much so, that the FBI has taken a stance. In late April, they published an informational article which discusses the rise in incidents and ways to protect yourself from an attack. Ransomware attacks aim to infect PCs with malware which allows cyber criminals to hijack computer files. The malware then encrypts the files and folders on the computer and any attached drives. The only way the files are retrievable after they have been infected is with a decryption key. Cyber criminals hold the key until you pay the ransom (usually in bitcoin due to the anonymity it provides).
I wanted to share with you the tips posted on the FBI website on how to deal with the Ransomware threat. I found the information below very relevant, especially for organizations.
– Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
– Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
– Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
– Manage the use of privileged accounts—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
– Configure access controls, including file, directory, and network share permissions appropriately. If users only need read specific information, they don’t need write-access to those files or directories.
– Disable macro scripts from office files transmitted over e-mail.
– Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).
– Back up data regularly and verify the integrity of those backups regularly.
– Secure your backups. Make sure they aren’t connected to the computers and networks they are backing up.
Be sure to check out our other blog post about ransomware to get more details.