What is Ransomware
Ransomware is a constantly changing form of malware designed to “kidnap” the key data of an organization and demand “ransom” in exchange for the data security. Bad actors do this in a number of ways, including encrypting files on a device, rendering those files unusable, or actually stealing the data and threatening to release it to the dark web if a ransom is not paid. Malicious actors are clever and very talented at evolving their ransomware tactics, making a good defense a challenge.
Ransomware can devastate businesses, impacting processes and rendering them unable to operate as normal to deliver mission-critical services. The financial impact of ransom demands has increased, with some demands exceeding $1 million, as well as reputational impacts on organizations large and small.
Follow these tips and tactics to help prevent and recover from a ransomware attack on your organization.
- Use antivirus software at all times - Set your software to automatically scan emails and flash drives.
- Keep your computer fully patched - Run scheduled checks to keep everything up-to-date.
- Block access to ransomware sites - Use security products or services that block access to known ransomware sites.
- Allow only authorized apps - Configure operating systems or use third party software to allow only authorized applications on computers.
- Restrict personally-owned devices - Organizations should restrict or prohibit access to official networks from personally-owned devices.
- Avoid using personal apps - Avoid using personal applications and websites - like email, chat, and social media - from work computers.
- Beware of unknown sources - Don't open files or click on links from unknown sources unless you first run an antivirus scan or look at links carefully.
Steps you can take now to help you RECOVER from a future ransomware attack:
- Make an incident recovery plan - Develop and implement an incident recovery plan with defined roles and strategies for decision-making.
- Backup & restore - Carefully plan, implement, and test a data backup and restoration strategy - and secure and isolate backups of important data.
- Keep your contacts - Maintain an up-to-date list of internal and external contacts for ransomware attacks, including law enforcement.
For more information on how to stay safe from fraud visit https://www.cisa.gov/stopransomware