Just two months ago, Louisiana Gov. John Bel Edwards declared his third state of emergency due to ransomware.
Shortly following, Albany International Airport in New York, the City of Dunwoody, Ga., and Mountain View Los Altos Union High School in California all fell victim to ransomware attacks. Now, the City of Racine has fallen victim to one of the latest ransomware attacks.
Ransomware is malicious software that encrypts user data and demands a ransom to restore systems. In 2019, the enemy claimed a record-breaking number of victims across the United States — and they’re not discriminatory on who or where they’re targeting.
In fact, last year alone, we saw virtually every sector of the economy affected by a ransomware attack, and as long as they’re getting paid — they will not stop.
So how exactly does this keep happening? The first major issue is poor cybersecurity hygiene. Employees are not being trained on cybersecurity threats, making them unaware of the red flags they should have spotted.
Beyond this, a recent survey conducted by PC Matic confirmed 50% of individuals use the same passwords across personal and professional accounts. This may not seem like an issue on the surface, but as we dig in, it exploits a glaring hole in our defenses.
Keeping in mind the monster breaches at Marriott, Experian, Yahoo, Sony, etc., exposed millions of people’s passwords. Therefore, if a person uses one password for all of their accounts, their “hackability score” skyrockets as a result of their password being so easily accessible.
You have free articles remaining.
Secondly, users and IT directors should analyze the existing antivirus program being used. Often times, security solution providers use a reactive approach to security. Meaning, the software will only block known bad files, permitting all other unknown files to install.
Then, if one of the unknown files happens to be bad, they will work to remove it – if possible. Based on industry research, this approach is no longer feasible and should not be utilized.
This is why the National Institutes of Standards and Technology, the FBI, and NSA have all encouraged the use of application whitelisting.
By using a whitelist, the device will only be allowed to run known, trusted programs. This means, even if the enemy found a way to worm their way into the server or computer, they couldn’t install anything malicious, because only good programs and files can run.
Third, users need to ensure their operating system and all of their third-party applications are up to date. If they are outdated, security holes are being left unpatched. Therefore, users are leaving the backdoor wide open for cyber criminals.
The fourth suggestion is educating yourself and/or your employees. Knowing what today’s cyberthreats are, and the red flags to spot them will help decrease the likelihood of unintentionally downloading a malicious attachment or clicking on a malicious link.
The fifth and final thing is backing up files. Storing data on an external hard drive or cloud-based network will help with the restoration process if a cyber-attack were to corrupt systems.
If the backup of choice is an external hard drive, it is important to unplug the hard drive from the device once the backup process is completed. If users fail to do so, there is a risk of the backup files becoming infected if a cyber-attack were to execute.
Cybersecurity is far from a simple issue, but our nation is in a state of emergency, and it’s time we start to do something about it.
Rob Cheng is the Founder and CEO of PC Matic, an anti-virus company.