Terry Corbell, The Biz Coach
By Terry Corbell
Business Consultant

Key Measures to Prevent, Recover from Ransomware




July 10, 2016 –


Ransomware is, of course, malicious software that can do terrible harm your company.

Published reports indicate ransomware cost businesses $350 million in 2015. The FBI considers ransomware attacks one of the three worst cyber threats.

“Ransomware encrypts the files on your computer or network with an ‘encryption key’ known only to the cybercriminal,” writes Kimberly Pease, vice president of Citadel Information Group (https://citadel-information.com).

“The cybercriminal then offers to sell you the key to decrypt your files. Ransomware, like other forms of malware [malicious software], often gets on a computer through phishing,” she explains.

“Other ‘delivery vectors’ include visiting a booby-trapped website and infected USB-drives,” she adds.

Kimberly Pease

 Kimberly Pease

 

Citadel is the No. 1 information-security management consulting firm, which is based in Los Angeles.

(Note: The firm’s president, Stan Stahl, Ph.D., is also a widely recognized expert, and is a trusted longtime friend and he’s been quoted in numerous articles.)

Unnerving developments

From media articles listed in her Weekend Vulnerability and Patch Report, consider a sample of unnerving headlines:

Updated CryptXXX Ransomware becomes more dangerous as it now steals credentials CryptXXX ransomware has received a major overhaul by its authors, putting it on the fast track to unseat Locky as top moneymaker for criminals. ThreatPost, June 3, 2015

Ransomware-as-a-Service business model emerges in Russia; cybercriminals easily earn $90,000 / yr: Ransomware as a business is maturing and nowhere is that better illustrated than in Russia, according to Flashpoint researchers. The security firm released two reports on Thursday, one on a burgeoning ransomware-as-a-service business model (PDF) in Russia and the second on new developments in Russian ransomware kingpins targeting hospitals (PDF). ThreatPost, June 3, 2016

AMAZON USERS TARGETS OF MASSIVE LOCKY SPEAR-PHISHING CAMPAIGN: Amazon customers were targeted in a massive spear phishing campaign where recipients received Microsoft Word documents with a macro that triggered downloads of the Locky ransomware. Researchers at Comodo Threat Research Labs say it is one of the largest spam ransomware campaigns this year.ThreatPost, May 26, 2016

But here’s some good news: It’s possible to defend against ransomware, according to Ms. Pease.

“Citadel urges all organizations to review their information security management practices to ensure they are taking appropriate steps to guard against a ransomware infection and to test their backup / recovery capabilities to ensure their ability to fully recover from a ransomware attack,” she writes.

“Happiness has many roots, but none more important than security.”
-E. R. Stettinius

To keep from being infected, from her newsletter Ms. Pease offers valuable strategies:

Train Users

  1. Provide all users cybersecurity awareness training so they can be vigilant against phishing attacks. [Citadel provides awareness training, including simulated phishing attacks. Contact us for more information.]
  2. Teach users the phishing danger signals.
  3. Teach users to not click on links or attachments in emails unless they know the email is legitimate and its contents are safe.

Make sure IT does their part

  1. Keep operating system and applications patched with the latest updates. [Sign up for Citadel’s Free Weekly Cybersecurity Newsletter, including our Weekend Vulnerability and Patch Report]
  2. Maintain up-to-date anti-virus software, and scan all software downloaded from the internet prior to executing.
  3. Set all user accounts with limited — non-administrative — privileges.
  4. To the extent IT can manage it, they should use application whitelisting to identify the programs that are allowed to run.

Recover from ransomware

“Good backups are the only way to recover from ransomware. With backups, you can restore the files that have been encrypted. Without these backups, you’re stuck without your valuable files until you pay the ransom,” explains Ms. Pease.

“It is critical that IT verifies its ability to fully recover from a ransomware attack. It’s not enough for them to test their ability to recover a file or a folder. IT needs to test their ability to fully restore all working files from backup,” she concludes.

Lest I forget, I strongly urge you to subscribe to Citadel’s highly informative complimentary blog, which is published each week.

Read the bios of Citadel’s principals here.

From the Coach’s Corner, here are more articles on information security:

BYOD, Mobile-Banking Warnings about Security Prove Prophetic — Not to be gauche, but in 2009 you saw the Internet security warning here first – mobile banking is so risky an IT security guru said don’t do it. The warning was prophetic.

Protect Your Bank Accounts So You Can Sleep at Night — Imagine for a moment — you’re sitting at your desk enjoying a second cup of morning coffee. Then, your phone rings. It’s a call from your bank to discuss possible fraud. Your bank is concerned about possible suspicious activity with your accounts, and wants to make sure you’re not a victim.

Most Small Businesses Make You Vulnerable to Credit Card Fraud, ID Theft – Study — A whopping 79 percent of companies in the U.S. and U.K. experienced Web-borne attacks, according to data released in 2013. These incidents continue to represent a significant threat to corporate brands.

Don’t Wait for Cyber Security Legislation that Affects Your Business — Not likely to pass, a data-breach bill has been re-introduced in the U.S. Senate that would regulate how businesses behave – informing customers when their personal information has been stolen. Passage or not, businesses should act on their own. It’s the right thing to do. Here are four precautions to take for your business.

Using Starbucks’ WIFI? Expert Issues Warning, Security Checklist — The WIFI offering by Starbucks has prompted a security warning and checklist from a go-to Internet security guru, Dr. Stan Stahl.

Security Expert Warns about Using App that Emails Money — A service by a company called Square Inc. will allow you to e-mail money to your friends free-of-charge. But an IT security expert issues a warning.

“Happiness has many roots, but none more important than security.”
-E. R. Stettinius


__________

Author Terry Corbell has written innumerable online business-enhancement articles, and is a business-performance consultant and profit professional. Click here to see his management services. For a complimentary chat about your business situation or to schedule him as a speaker, consultant or author, please contact Terry.



Seattle business consultant Terry Corbell provides high-performance management services and strategies.