The Canadian Cyber Incident Response Centre and the US Department of Homeland Security issued a joint ransomware cyber alert this week in response to the recent surge in attacks.
Both government agencies strongly recommend that organizations and individuals NOT PAY the ransom demanded by cyber attackers.
The new emerging variants are targeting healthcare in particular, and other organizations with attack strategies that are extremely ruthless and difficult to respond to.
The warning was prompted by recent attacks at Hollywood Presbyterian in Los Angeles, Methodist Hospital in Kentucky, and MedStar, the biggest Washington, D.C.-area healthcare provider, among many others.
In a profound understatement, the alert advised that “ransomware's consequences to an individual or institution could include a loss of sensitive data, a disruption of business operations and expenses to restore a system into working order”.
In case you’ve never heard the term before, Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid, usually with Bitcoins, an untraceable online currency.
In the meantime, please read following tips to help minimize your risk of becoming the next corporate victim of cyber crime.
Netcotech recommends all organizations review the following mitigation risk reduction measures and consider their roles in the context of their network environment:
1. Review your organization’s IT policies to ensure the latest up-to-date recommendations are being implemented, and followed;
2. Ensure all employees and users are aware of the risk the cyber attacks, and what they can do to prevent access;
3. Employ a data backup and recovery plan for all critical information. Perform and test regular backups to limit the impact of data or system loss and to expedite the recovery process. All backups should be stored offline.
4. Use application whitelisting to help prevent malicious software and unapproved programs from running.
5. Keep your operating system and software up-to-date with the updates and security patches.
6. Maintain up-to-date anti-virus software, and scan all software downloaded from the internet prior to executing.
7. Restrict users’ ability (permission control) to install and run unapproved software applications, and apply the principle of “Least Privilege” to all systems and services.
8. Enforce Strong Password policys, and force users to change passwords at least once every three months.
9. Avoid enabling macros from email attachments. If a user opens the attachment and enables macros, embedded code will execute the malware on the machine. For organizations with sensitive data to protect, we recommend blocking email messages with attachments from suspicious or unknown sources.
10. Follow safe practices when browsing the Web.
11. Never follow unsolicited Web links in emails.
12. Never open unsolicited email attachments.
IMPORTANT: Make sure to review these policies for all system users---including remote access users from home workers, travelling employees, business and corporate associates and any others who routinely or occasionally access your networks.
We’ll be providing more insight and advice regarding ransomware and other types of cyber attacks that target business organizations and institutions. Make sure to subscribe, and stay safe.