Beware of Ransomware
Law firms, among other businesses, have been plagued lately by malware known as ransomware. Once ransomware infects a system, a user is denied access until a ransom is paid. According to Legaltech News, there are two primary types of ransomware. One locks a computer system or mobile device, and transmits a message stating that the user has committed a crime or done something improper that requires a payment to rectify the situation. The other type of ransomware encrypts data on any backup or external device, then requires payment in order to provide a decryption key. Those launching the ransomware attacks generally require payment in Bitcoin to protect their anonymity.
LegalTech News reports that there were more than 2,450 ransomware complaints reported to the Internet Crime Complaint Center in 2015, with most complaints deriving from health care institutions, school districts and police administrations. Cybersecurity experts expect the number of ransomware attacks is dramatically increasing in 2016 and years to come.
Why Victims Pay
When a ransomware malware attacks a computer system that contains highly sensitive or confidential data and does not have adequate backup, it’s tempting for a victim to decide to pay the ransom rather than taking the risk of losing the data.
(Source: LegalTech News, October 17, 2016)
How to Prevent Ransomware
Following are some measures recommended by the United States Computer Emergency Readiness Team (US – CERT) that your firm can take to reduce the risk of being victimized by ransomware:
• Perform and test regular backups to limit the impact of data or system.
• Use application whitelisting to help prevent malicious software and unapproved programs from running. Application whitelisting is one of the best security strategies as it allows only specified programs to run, while blocking all others, including malicious software.
• Keep your operating system and software up-to-date with the latest patches.
• Maintain up-to-date anti-virus software, and scan all software downloaded from the internet prior to executing.
• Restrict users’ permissions to install and run unwanted software applications.
• Avoid enabling macros from email attachments. If a user opens the attachment and enables macros, embedded code will execute the malware on the machine.
• Do not follow unsolicited Web links in emails.
If your computer becomes infected, US- CERT recommends that you do not pay the ransom, because payment does not guarantee that the data files will be released. You are urged to report instances of ransomware and other fraudulent cyber activity to the FBI at the Internet Crime Complaint Center.
(Source: US Computer Emergency Readiness Team)