Last month, the FBI released an alert concerning the high impact ransomware attacks threatening U.S. businesses and organizations. They discussed the type of ransomware and what steps to take to protect yourself and your business. Let’s take a closer look at this disturbing activity.
The increase in ransomware attacks seems to be hitting across all sectors, including healthcare, state and local governments, and other infrastructure targets.
One example in the healthcare field is the California provider Wood Ranch Medical, which reported ransomware recently encrypted its systems and backups, which the provider was unable to recover. The provider will now permanently close its doors, after being unable to recover its patient records that were encrypted by malicious ransomware.
What is Ransomware?
According to the FBI, ransomware is a form of malware that encrypts files on a victim’s computer or server, making them unusable. Cyber criminals demand a ransom in exchange for providing a key to decrypt the victim’s files.
Ransomware attacks are becoming more targeted, sophisticated, and costly, even as the overall frequency of attacks remains consistent. Since early 2018, the incidence of broad, indiscriminate ransomware campaigns has sharply declined, but the losses from ransomware attacks have increased significantly, according to complaints received by/from FBI case information.
What New Techniques are Being Used?
The FBI has observed cyber criminals using the following techniques to infect victims with ransomware:
- Email phishing campaigns where a cyber criminal sends an email containing a malicious file or link, which deploys malware when clicked by a recipient.
- Remote Desktop Protocol vulnerabilities where cyber criminals have used both brute-force methods, a technique using trial-and-error to obtain user credentials, and credentials purchased on darknet marketplaces to gain unauthorized RDP access to victim systems.
- Software vulnerabilities where cyber criminals can take advantage of security weaknesses in widely used software programs to gain control of victim systems and deploy ransomware.
What Can You Do To Protect Yourself
If a ransom is requested, the FBI advocates against paying it. Paying merely emboldens cyber criminals to continue the practice and getting the decryptions keys is not always guaranteed once the ransom is paid.
They do, however, suggest practicing the following security protocols.
- Regularly back up data
- Focus on employee training
- Stay up-to-date on software and patches
- Automatically update anti-virus and anti-malware
- Control access to certain files and directories
- Configure firewalls to block access to malicious IP addresses
- Enable strong spam filters
Does your business need assistance with cyber security in light of these latest ransomware attacks? Speak with your IT specialist or IT department. If you need to design a stronger security protocol, consider M&H Consulting. If you have questions, call M&H Consulting at 1-866-964-8324 or visit our website.
Categorised in: Computer Support, disaster recovery, IT Consulting Services, ransomware, Security