Steps to help prevent a ransomware attack

Mar 11, 2016

The recent cyber-attack at the Hollywood Presbyterian Medical Center has created worry for other healthcare institutions.  Their computer system was literally held hostage by a malicious software called ransomware.  How it works; your information is encrypted and held hostage until you pay the ransom that is requested by the hacker. The medical center ended up paying the ransom of 40 bitcoins—roughly $17,000 to recover their files. This incident marked a dangerous escalation in the high stakes surrounding ransomware.

Ransomware is exactly what it sounds like — malicious software used by hackers to block access to a computer system until a ransom is paid. It has become more common in recent years. According to antivirus software maker, Symantec’s 2014 report, the number of ransomware attacks increased from 100,000 in January 2013 to 600,000 by the end of that year.

The hack itself is “a really simple three-step process,” explains Ryan Kalembar, senior vice president for cybersecurity strategy at Proofpoint. The hackers send what looks like a routine email, a bill or an invoice, with a file attached, often a Word document.  “And by clicking on that Word document, it pops up an ‘enable content’ yellow bar. And if you click on that, that is the final click and it is over. It begins to lock your files with a key that only the attackers and cyber criminals have.” At that point, the hackers send a demand for ransom.

Staff at Hollywood Presbyterian first noticed the disruption to their computer system on Feb. 5, the hospital’s CEO Allen Stefanek said. The problem was resolved and the computer system was fully functioning again 10 days later.

What can you do to avoid being a ransomware victim?  

Staying updated with the latest ransomware trends and the methods that hackers are using to get the ransomware into your system will help you defend your company from an attack.

Scrutinize emails before opening them

Be wary of emails from unfamiliar sources. If you don’t recognize the source or if it looks unusual—do not open it. You can communicate directly with the sender and confirm that they sent message.

Avoid clicking embedded links found in unverified emails

The links in unverified emails can lead to the download of ransomware. Additionally, be wary of sites that prompt you to enter a CAPTCHA code as this could be linked to a ransomware attack. To check its validity, you can use free services  like Trend Micro Site Safety Center to verify the reputation of the site.

Back up your important files

The single biggest thing that will defeat ransomware is having a regularly updated backup. Having a backup of important files will lessen the damage of an attack.  You may lose your work from today but can easily recover everything from the day before.  Follow the 3-2-1 backup rule—three backup copies of your data on two different media and one of those copies in a separate location.

Regularly update software, programs, applications

Updating your software to the latest versions can provide an added layer of protection against online threats as some ransomware arrive via vulnerability exploits.

Cyber / Privacy Coverage

Needless to say, it is more than a good idea to get a cyber/privacy policy.  It will protect you from the above as well as cover regulatory situations.  With the larger quantity of buyers cyber/privacy liability insurance is more cost effective and easier to obtain than you might think.

Susan Kattoo
President Sales

McPhee & Associates, Inc.skattoo@mcpheeassociates.com