Hostage Data

Ransomware Attacks, Prevention and Awareness

Taba Zimmerman

On May 9, 2020, a large media and entertainment law firm in New York was attacked by hackers, who stole around 756 gigabytes of data and held it for a ransom of $21 million. The firm in question decided not to negotiate with the hackers who threatened to publish the private documents and information of various celebrity clients if the firm did not pay the ransom. Attacks like these have been happening more frequently and can happen to anyone, but, what exactly is ransomware?

Ransomware is a form of malicious software (malware) that is typically delivered via phishing emails or via “drive-by downloads” and encrypts computer files until a ransom is paid. 

According to the Cybersecurity & Infrastructure Security Agency (CSIA), you can protect your data by performing regular backups of your system so you can have something to restore your system to its previous state; store backups separately and make sure it is stored on a device that cannot be accessed from a network, such as an external hard drive; provide cyber-security awareness training to your personnel to keep them informed about what threats are out there and how to recognize them.

There are several measures you can take to help prevent the threat of a ransomware attack, such as, updating and patching your computer(s) regularly; being careful about which links you click and how you enter web addresses; being cautious about opening email attachments, especially if they are compressed or ZIP files; verifying email senders before opening any attachments; staying informed about recent cyber-security threats and techniques; and installing an antivirus software, keeping it updated and scanning your computer regularly.

You can submit ransomware files to CSIA for analysis via: 

https://www.malware.us-cert.gov/MalwareSubmission/pages/submission.jsf

If your system gets infected, isolate it, turn off any other computers or devices that share the network or drive and ensure that your backup data is offline and secure. If you are a home user, immediately contact your local FBI office or U.S. Secret Service office to request assistance. Organizations should report the ransomware incident(s) to their IT help-desk or security office, and all users should change system passwords after the ransomware has been removed.

IT Security is dyanamic, so leave it to the professionals.

Join BeCloud to make your technology investements more secure.