Network security is a very real need for businesses, and recent news makes it worth discussing today. Cybercriminals are going after healthcare organizations, as they seem to be slow to adopt and update their information technology.
The latest virus is known as ransomware – a virulent form of malware that targets a computer system’s ‘command and control structure’ or important files. It holds the infected user hostage until they pay a ransom (usually via a third-party payment service or Bitcoin). In the most common form (known as Cryptolocker), the system files are encrypted by the ransomware and the villains are the only ones with the private ‘key’ that can decrypt them. There is usually a time limit to pay the ransom or risk losing the files forever (and unless you have a good backup, it is FOREVER). Once the ransom is paid, the user may (but not always) receive the key needed to decrypt their files.
Recently, a series of ransomware attacks occurred via pop-up ads from legitimate websites (malvertising). Basically, cryptoterrorists injected malware into seemingly benign ads on an internet ad network, and these ads were delivered to users of legitimate websites, such as the NY Times. This is why we advise users to enable pop-up blockers in their browser(s), update their OS and applications regularly, and stay aware of the risk of phishing attacks (many ransomware infections arrive when a user clicks a link in a phishing email).
There’s no foolproof way to prevent it, but the following steps help reduce the chances of it happening and limit the impact when it does occur.
- Backup all critical data. SoftWriters recommends a transactional backup that would run at a minimum of every two hours.
- Educate personnel about malware and phishing attacks.
- Avoid clicking links or attachments from unknown emails.
- Use a reputable anti-virus vendor and keep all signatures up to date.
- Patch and update your systems regularly. This includes operating system patches AND third-party updates such as Adobe.
- Enable the display of file extensions, since many of the viruses use names such as invoice.pdf.exe. If file extensions are hidden, users may not see the .exe extension.
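
The double-extension check behind the last item can also be automated, for example over attachment names at a mail gateway or over a file share listing. The following is an added example, not part of the original article; the extension lists and sample names are assumptions constructed for illustration.

```python
"""Flag file names that hide an executable extension behind a document one."""

# Assumed lists for illustration; extend them to match local policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".js", ".vbs"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt", ".zip"}


def split_extensions(name):
    """Return the lower-cased extensions of a file name, ignoring padding."""
    # Win32 file APIs drop trailing dots and spaces, so "a.pdf.exe. " is
    # still treated as an .exe file; normalise the name the same way.
    cleaned = name.strip().rstrip(". ").lower()
    # Whitespace around a dot is used to push the real extension out of view.
    parts = [p.strip() for p in cleaned.split(".")]
    return ["." + p for p in parts[1:] if p]


def is_deceptive(name):
    """True when the last extension is executable and an earlier one is a decoy."""
    exts = split_extensions(name)
    if len(exts) < 2 or exts[-1] not in EXECUTABLE_EXTS:
        return False
    return any(e in DECOY_EXTS for e in exts[:-1])


def flag_names(names):
    """Return the names from the input that look like disguised executables."""
    return [n for n in names if is_deceptive(n)]


# Constructed sample attachment names (not real indicators).
SAMPLE_NAMES = [
    "invoice.pdf.exe",
    "Invoice.PDF.EXE",
    "statement.pdf            .exe",
    "report.v2.pdf",
    "setup.exe",
    "photo.jpg.scr. ",
    "archive.tar.gz",
]

if __name__ == "__main__":
    for flagged in flag_names(SAMPLE_NAMES):
        print("suspicious:", repr(flagged))
```

A plain `setup.exe` is deliberately not flagged: the check targets names that pretend to be documents, which is the case hidden extensions make invisible to users.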