California Hospital Paralyzed by Ransomware, here is how to prevent your business from falling victim.
Ransomware took center stage this week by forcing Hollywood Presbyterian Medical Center in California to declare an internal emergency. Physicians were locked out of the EHR, staff could not access email, and departments were left to communicate by fax machine. Let's look at three key strategies that can help you prevent ransomware, or minimize the damage if you find yourself a victim.
Ransomware is a sophisticated form of malware that literally hijacks users files, encrypts them and then demands payment in exchange for the encryption key. It affects user files that are on local and network drives that are accessible to the computer user (e.g. C:, D:, E:, N:). This can be external hard-drives including USB thumb drives, or folders on the network or in the Cloud. If you have Dropbox, for example, and it is mapped to your computer, it can encrypt those files as well. Although this can be frightening, if you prepare properly, ransomware can be avoided or rendered to nothing more than a nuisance.
3 Ways to Protect Your Business Against Ransomware
Effective security is multi-layered. A multi-layered security plan will include properly securing all points of data entry into your network and computer systems. This includes your internet gateway, your email servers, USB disks, and computer desktops and servers. It includes end user education to prevent against phishing, spoofing, and other social engineering attacks. It also includes data backup in order to safeguard your data in case of data loss or compromise.
- Firewall with Anti-virus will protect your internet gateway with firewalling and intrusion prevention that includes anti-malware that prevents known viruses in your internet traffic; web content filtering that prevents access to untrusted websites; email filtering that removes viruses and bad web links from traffic, spoof protection that prevents phishing attacks; and DoS prevention that drops attack packets. Essentially, a good business class firewall that is properly configured will drastically reduce, if not eliminate, several of the ways that ransomware can make its way into your network. In order to continue to enjoy the protection offered by a good firewall, it may be necessary to maintain your maintenance and support plan with the firewall vendor. This will allow you to continue to receive updates that recognize and prevent new threats. Anti-virus Software must be installed on all computer systems in order to protect against malicious software that make it to your systems. An effective anti-virus software must be well-configured to properly handle real-time attacks; protect all local and USB disks; run scheduled scans to detect hidden threats; get regular updates to recognize new and emerging threats; and protect against the possibility of being disabled or uninstalled by the user or other malicious software. Some anti-virus software solutions have whitelisting options that will only allow known and approved software to run on your systems. Properly configured, this will essentially block ransomware. However, in order to avoid incidence of ransomware, it is essential that all systems on your network be similarly well-protected. Otherwise, your network will be as secure as the least secure system. It is also important that you maintain your anti-virus subscription so that you can continue to receive regular updates.
- Employee Training will inform employees not to click links or open malicious file attachments received in e-mail.Phishing e-mails, as they are called, manipulate a user to download an attachment that contain virus or ransomware. All employees need to be trained on these critical security measures, and frequent reminders are a good idea! A common way that ransomware affects your system is for someone on your network to invite it in, often unintentionally. Education is a very good source of prevention.
- Regular Backup is an effective last resort for resolution should you get infected by ransomware. Make sure to back up your data regularly, and on a separate storage device that is encrypted or not connected to your network. This will allow you to restore your data from an earlier version. Short of paying the ransom, backup is the only antidote to a ransomware infection. You must backup regularly; verify backup integrity; encrypt backup data; and store backup data offsite.
Mention code: "Ransomware Prevention" for a FREE Network Vulnerability Assessment.