protect your organization from ransomware

By Rafael Garrido, Chief Information Security Officer

October is Cybersecurity Awareness month and our Chief Information Security Officer has some tips to keep your data safe and protected. Lifelines Neuro works diligently to protect the data of the thousands of patients who use our EEG systems and solutions every day to diagnose epilepsy and other seizure disorders. We begin Cybersecurity Awareness month with an article about how to protect your organization from ransomware. Read his next article on how to protect your home wifi from hackers here.

Don’t think you are the target? You might want to think again…

Are you one of those individuals that believe you have nothing of value for cybercriminals? Well, you are not alone. Many people believe that their data, accounts and computers are of no value to hackers. Personally, I could not disagree more. Anyone that uses a computer for personal or work use is a valuable target. As you may have read countless times over the past 9-12 months, ransomware attacks consistently increase in volume and continue to target individuals and companies alike. In fact, here are some staggering statistics:

  • Ransomware attacks rose 62% in 2020 compared to 2019.
  • Volume increased 151% during the first half of 2021 compared to the same period in 2020.
  • A ransomware attack occurs every 11 seconds.
  • The average ransom amount increased from ~$5,000 in 2018 to ~$170,000 in 2021.
    Reference

What is ransomware?

It is malicious software (malware) that when executed – it prevents you from accessing files on your computers until a ransom is paid. Some variants go beyond local files on your computer and can even encrypt files on USB attached drives and networked computers. It is fairly easy to get it onto a computer, as one can unknowingly download ransomware by clicking an ad, visiting a website with embedded malware, or opening an email attachment.

Why ransomware?

Cybercriminals are out to make as much money as possible, and the Internet makes it possible for them to easily target thousands of computers across the world with just a few keystrokes. While there are many ways in which they can make money (credit card fraud, taking over social media, or gaming accounts), ransomware seems to be the easiest and most profitable.

By now you are probably thinking – “So maybe I am the target? but my computer uses a firewall and I have an antivirus installed, so I should be fine, right?” Sadly, not entirely. Most antivirus programs rely on signature detection as a primary way to identify potentially hazardous files. They do this by maintaining a database of hash values for known malware files, which they compare against the hash value of the files scanned in your computer. If a match is found, the file is then quarantined (renamed and moved) so that it does not affect other files on the system.

A hash value is a unique numerical value that is produced when the contents of a file are processed with a cryptographic algorithm. When a file is updated, the hash value changes. This is how Cybercriminals can bypass typical antivirus detection. They simply update their malware files often, thus updating their hash value (signature) and making it difficult for your antivirus to initially detect them.

How do you protect your organization from ransomware?

Fortunately, being secure is not as difficult as it may seem. A little common sense and some basic behaviors will go a long way in improving your defenses. Below is a list of steps and behaviors that will help you safeguard your personal data and protect your organization from ransomware.

  • Access Control: Use multi-factor authentication for all your accounts (when possible). Stop using a computer account with administrative access to your computer. Instead, use a standard user account to help prevent malware from installing on your computer without your knowledge.
  • Backups: Periodically backup your data and store it on a portable drive or in the cloud.
  • Phishing: If you get an email that is extremely urgent, odd, or suspicious, it may be an attack.
  • Software Vulnerabilities: Keep devices and computers patched and running the latest versions available. Consider enabling automatic updates.
how to protect your organization from ransomware

Image courtesy of SANS

 

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published.