Update: September 21, 2021 – Without giving this article a full rewrite, it’s obvious things have gone exactly as anticipated. Ransomware attacks are commonplace and big business. Millions of dollars an attack, big.
Who have targets included? Hospitals, power companies, water treatment facilities, oil pipelines, even feedstock management systems. And now the major players claim to have morals, while jeopardizing food supplies.
Original Ransomware Article
If you’ve been keeping an eye on cybersecurity or computer safety news lately, there is a good chance the term ransomware has crossed your vision. So we’ve got phishing (not the band), malware, viruses, worms, and now ransomware?
First, the primer: Ransomware is a form of malware, which in some circles is also considered a virus. Still confused? So am I.
Primer, even more basic version: Ransomware locks your computer unless you pay some bad guy.
Less basic primer: Ransomware is computer code which, once on your system, makes it so that you can’t access any of your files. The creator gives you an option to get the key, or program to unlock all your files, for a fee. This fee goes up the longer you wait, making it no less than a ransom demand. Hence, malware which asks for a ransom: Ransomware.
Who would do such a thing? There’s always people looking to cause mayhem and make a buck as a result. Some of them also happen to be skilled in computer programming. Sure, they’d serve the world better by designing code to help reduce poverty or hunger, but, crime is often easier.
Are you vulnerable to ransomware? Yes. Any computer, which, in a chain of connections, has a link to the Internet, can be infected. Yeah, it can spread from one computer to another in your network on its own. Then it deletes your backups. Even having all security updates installed isn’t enough (Macs tend to block them within 24 hours of discovery). Is no one safe?
How do you get ransomware? One of the more common ways is through an “evil” Word document. You think it’s an executive letter, invoice, or timetable, and you open the e-mail attachment.
For you to get infected, Word then prompts that the file has a macro and asks if you’d like to run it. You, thinking it’s an essential aspect of the file, say yes (It bothers me that Office programs don’t display the file before this prompt). And your day just got really bad. Even NAFCU is warning credit unions about this infection strategy.
What can you do to avoid ransomware? The old computer security strategies hold true (but the main threats are to your network, though work-from-home and understaffed IT contributes):
- Don’t open e-mails from addresses you don’t recognize. If you do, definitely don’t open attachments in those messages. Also, ensure that HTML content isn’t set to automatically load when reading the message (Steps for Outlook 2010/2013, OS X Mail, iOS Mail).
- When opening Office documents from those you know, always defer to No if it asks to run macros. If the file seems to need it, ask the sender to confirm.
- If an e-mail file extension isn’t what you think it should be (JPG, PNG, GIF, PSD for images, as an example), ask the sender to confirm.
- Ensure all computers within your workplace are current in security updates. And not just for the operating system, but software programs installed, too.
- Avoid visiting questionable websites, but if you must, use an archaic computer (too old to be infected) or an obscure operating system (ie. BeOS).
- On second thought, just avoid the suspicious sites. You can also check a reputation monitoring service like Web of Trust prior to visiting.
- Be extremely careful when using USB drives to transfer data to more secure (ie. non-connected or connected with member data) computers.
- Train your staff on computer safety…regularly. We can all get fooled. You know those, “A lost Saudi prince wants to share their $400,000,000 with you” e-mails? You still get them because people still fall for them.
- If your password is “password” or “12345”, change it right now. I’ll wait.
- Use common sense. If something seems off, your instincts are probably right.
As mentioned in the above article, one ransomware developer brought in a confirmed $45,000 after only 3 weeks of infections. It’s big business and is only going to grow further. Knowledge is power and sharing this information with your members can help them avoid costly headaches as well.
Image credit: http://hackwhiz.com/wp-content/uploads/2014/08/encryption-img.png