
About Ransomware


2016 has been called the year of ransomware because of the numerous attacks by this kind of malware. Some of the best-known ransomware families are CryptoLocker, CryptoWall, and Locky, among many others, and these are responsible for wreaking havoc around the globe.

The main reason behind these attacks, as the name suggests, is to get money in exchange for giving you back access to your own files, which have been on your hard drive all along but remain encrypted until you pay the ransom.
Over 4000 ransomware attacks have been reported daily since 2016, and over half of US companies have been targeted by this threat.

How do you get Infected?

How do you get infected, you ask?

Information reveals that the most significant risk vectors are e-mail attachments, malicious links posted on websites, malicious websites, and vulnerabilities in servers and other critical systems.
Did you know that, according to HIPAA regulation, you might have to report whenever one of your systems suffers a ransomware attack? After all, that information might have been compromised.

How do you protect yourself and your company?
• Educate all employees about existing malware and their responsibilities as employees of the company in keeping the data safe.
• Hire a specialist that can assess the current vulnerability state of your systems.
• Secure IT systems with a good next-gen security product that is able to protect all your endpoints. It should implement machine learning techniques and detect malicious actions in processes, rather than depend on the latest signature to contain the detection pattern and vaccine for a particular threat.

Minimize your Risk

Also, follow these simple guidelines to minimize the risk of catching malware.
• Most e-mail clients do not show the images in an e-mail, and block certain links, when the sender of the message is not known to that user account. That is done to protect the user from would-be malicious e-mails. You will be presented with an option to allow the images and links to work in that message. You should only click on that option if you trust the sender of the message.
• If you receive an e-mail, this time from a known sender, and it includes links, you should always hover your mouse over those links and read the status bar (bottom-left bar) to see where the actual link leads. Sometimes the link may look like it is heading to a known website such as google.com or paypal, and when you read the status bar you may see a totally different address. Do NOT click on that link. If you are in doubt, forward the e-mail to your IT Systems Administrator for verification.
• Do not visit sites with a poor reputation, and be very cautious when visiting sites which offer free products and services. Many sites offering download links to software require you to install other software in exchange for the service, and you should not agree to that kind of offering unless you know very well what you are doing.
• Do not install free games which carry other payloads, or immediately uninstall such software upon noticing.
• Do not respond to any e-mail requesting your password, no matter how authentic it may look. If any institution requires you to send any information deemed confidential, you should always contact that institution via other channels to verify the request.
• Avoid using USB drives that may have been used in public systems, especially on university campuses, in Internet cafes, and in similar public places.
• Do not transmit unencrypted confidential information while connected to a public Wi-Fi network. Always use end-to-end encryption software. If you are using a secure website, you should have no problems, but it is always recommended to use some sort of privacy software when using public Wi-Fi systems.
• When you are logging in to any site, always check the Secure Status of the website by looking at the far right of the address bar and noticing the secure symbol. When in doubt, click on it, read the certificate information, and make sure it comes from a known and reputable Root Certificate Authority such as Comodo Secure, GlobalSign, and many others. Never transmit any personal information if the site is not secure.

As I always say, when in doubt, or if you want to know more about this and/or want to know the current state of your network, contact your IT Systems Administrator.
