The proliferation and sophistication of ransomware have forced the FBI to warn internet users, again, that the number of infections is continuing to rise in 2016.
This announcement comes just days after the Michigan-based utility provider, Lansing Board of Water and Light, was infected with ransomware through a phishing email attack. While no personal information, water, or power was affected during this infection, administrative operations were crippled due to the ransomware.
This disastrous incident can have serious consequences on organizations, like the loss of sensitive information, disruption of daily operations, financial burdens, and harm to an organization's irreplaceable reputation.
This fear of ransomware is no longer limited to infection via email, as hackers have recently been spotted seeding legitimate web pages with malicious code, taking advantage of unpatched software on victims’ computers.
According to the FBI’s official announcement, paying the ransom demanded by a hacker not only doesn’t guarantee you’ll get your data back but also fuels the fire for cyber criminals to target more organization and incentivizes other criminals to get involved in this type of illegal activity.
The recently published update made by the FBI focuses on the importance of education, prevention, and the need to have a solid business continuity plan in place if an attack were to occur:
- Make employees aware of ransomware and their role in protecting the organization's data
- Patch, Patch, Patch!
- Automatically update and regularly scan antivirus and anti-malware solutions
- Manage the use of privileged accounts
- Configure access controls
- Disable macro scripts
- Implement software restriction policies
- Backup regularly and verify the integrity of backups
- Secure your backups
There’s no full proof single solution that will protect your organizations entirely from a ransomware attack, but contingency and remediation planning will help your organization mitigate the dire consequences of suffering from such an attack. By taking a preventative approach in terms or training employees and introducing technical prevention controls, you’ll help minimize your chance of falling victim to such an attack. However, it’s just as important if not more, to have a business continuity plan in place to refer to in the event of a ransomware attack.
NNT’s Change Tracker Gen7 is the latest one size fits all solution in continuous breach prevention & detection. Gen7 heralds a new and intelligent approach to system integrity monitoring, for more usability and effective real-time breach detection. To learn more about Gen7, watch our pre-recorded demo
Read this article on InfoSecurity Magazine
Read this FBI’s Announcement here