Posts Tagged ‘ransom’

Help The FBI Find A Defense Against Ransomware

Monday, September 19th, 2016
Help Fight Ransomware - Ohio CPA Firm

The FBI recommends users consider implementing prevention and continuity measures to lessen the risk of a successful Ransomware attack. Keep reading to find out how you can help the FBI combat the threat of Ransomware.

The FBI recently released a public service announcement urging victims of Ransomware attacks to come forward and report these cyber infections to federal law enforcement. Doing so, the FBI said in a statement, will “help us gain a more comprehensive view of the current threat and its impact on U.S. victims.

Read Also: Could Your Company Be Ransomware’s Next Victim?

A Closer Look At Ransomware

A computer infection that has been programmed to encrypt all files of known file types on your computer and your server’s shared drive and making them inaccessible until a specified ransom is paid; Ransomware is a very real threat to all businesses nationwide. Once a computer is infected, which usually happens once a user clicks on a malicious link, opens a fraudulent email attachment or unknowingly picks up a high-risk automatic download while surfing the web, it’s all but impossible to regain access to the data that has been infected. Upon discovering that your computer has been infected, you have two choices. You can either:

1)     Restore the machine by using backup media, or

2)     Accommodate the hacker’s demands and pay their ransom.

And both options are less than ideal.

What To Do If Your Company’s Network Becomes Infected

Ransomware infections were at an all-time high in the first several months of 2016, according to various cybersecurity companies, and because new Ransomware variants are emerging regularly, the FBI needs your help to determine the true number of Ransomware victims.

“It has been challenging for the FBI to ascertain the true number of Ransomware victims as many infections go unreported to law enforcement,” the agency stated in its recent announcement. “Victims may not report to law enforcement for a number of reasons, including concerns over not knowing where and to whom to report; not feeling their loss warrants law enforcement attention; concerns over privacy, business reputation, or regulatory data breach reporting requirements; or embarrassment. Additionally, those who resolve the issue internally either by paying the ransom or by restoring their files from back-ups may not feel a need to contact law enforcement.”

Read Also: How Much Is Your Data Worth To Criminals?

Reporting a Ransomware attack on your company’s network is not only beneficial for you, the information you provide will help the FBI as it works to identify ways to prevent future attacks. Your reports will:

  • Provide law enforcement with a greater understanding of the threat
  • Help justify Ransomware investigations
  • Contribute relevant information to ongoing Ransomware cases

Help Arm The FBI With Information

The recent PSA released by the agency requests that all Ransomware victims reach out to their local FBI office and/or file a complaint with the Internet Crime Complaint Center. Be sure to have the following details available and ready to provide to the respondent when prompted (if applicable).

  1. Date of Infection
  2. Ransomware Variant (identified on the ransom page or by the encrypted file extension)
  3. Victim Company Information (industry type, business size, etc.)
  4. How the Infection Occurred (link in e-mail, browsing the Internet, etc.)
  5. Requested Ransom Amount
  6. Actor’s Bitcoin Wallet Address (may be listed on the ransom page)
  7. Ransom Amount Paid (if any)
  8. Overall Losses Associated with a Ransomware Infection (including the ransom amount)
  9. Victim Impact Statement

The FBI recommends users consider implementing prevention and continuity measures to lessen the risk of a successful Ransomware attack. Click here to read the FBI’s complete announcement.

To learn more about protecting your business from cybercrime, download the free whitepaper, “Cybercrime: The Invisible Threat That Haunts Your Business.”

Share Button

Can A Cybercriminal Crack Your Company’s Network?

Tuesday, April 5th, 2016
Ransomware Attack | Cybercriminals Target Businesses | Ohio CPA Firm

Ransomware has become a formidable threat to businesses of all sizes, yet I have worked with quite a few business owners who are unfamiliar with the term. This is particularly unnerving as a Ransomware attack can be catastrophic to the financial stability of your business. Read on for tips to help you prevent a Ransomware attack from taking down your business.

Small and midsize businesses are not immune to becoming the target of a crippling cyberattack and without the proper procedures in place business owners risk the very real threat of a large-scale assault on their company’s data. Would you be able to recover if your organization was attacked?

Instances of cybercrime have reached an all-time high and ensuring that your company has the procedures in place to guard against an army of determined fraudsters is more important than ever. But before you can implement effective controls, you must have a clear understanding of what it is that threatens your business.

Know Your Enemy

Ransomware has become a formidable threat to businesses of all sizes, yet I have worked with quite a few business owners who are unfamiliar with the term. This is particularly unnerving as a Ransomware attack can be catastrophic to the financial stability of your business.

Read Also: Could Your Company Be Ransomware’s Next Victim?

Ransomware is the infection of a computer which immediately encrypts all recognizable file types. Once your network is infected, a screen appears on your monitor demanding that the company pay a ransom in exchange for the data to be “decrypted” and released. A timeframe is established by the hackers and it is made clear that if the ransom is not paid before the deadline, the organization’s data will be destroyed.

4 Tips To Help Prevent A Ransomware Attack

To protect your business against Ransomware and other similar threats:

  1.  Train your employees to identify phishing emails.
    Numerous vendors can provide your company phishing tests and video training to help educate your employees about phishing emails and ways to identify possible scams. Specifically, work to change the mindset of those within your organization when it comes to opening attachments and clicking on hyperlinks.
  2. Set employee Microsoft Active Directory rights.
    It’s unlikely that all your employees will need full-access to your company’s entire database to do their jobs. One way to protect your data is to only grant access to the data needed for employees to complete their job responsibilities. This way, if an attack does occur, the damage can be isolated.
  3. Consider implementing programs such as Microsoft “AppLocker.”
    When you implement programs like AppLocker, you require users to be assigned access to the programs they need to utilize. Again, this helps to isolate the threat which can help minimize the impact of an attack.
  4. Implement a Disaster Recovery (DR) Plan.
    Some research indicates that only about 35 percent of small- to medium-sized businesses have a working and comprehensive disaster recovery plan. We are learning time and time again just how important it is to have a plan in place to protect your business when crisis strikes. A DR plan, complete with regular plan testing and offsite backup data, will help prepare you for unforeseen events which, under current circumstances, could prove to be catastrophic. Click here to learn more about the benefits of a DR plan and how they can keep your organization and its data safe.

Guard Your Data With These Best Practices

Monitor for irregularities

If your network is infected, you can eliminate or decrease the threat of Personally Identifiable Information (such as financial records, medical information or intellectual property) from being infiltrated by utilizing an Intrusion Detection System or Security Information & Event Management application or service. These applications are designed to monitor for invalid access attempts, outgoing traffic identification and other significant alerts.

Require two-factor authentication

Many breaches are the result of access that has been granted to a third-party vendor. Oftentimes the vendor’s network will become infected and can lead to the breach of your own organization. While the data breach may not have originated within your organization, you are responsible for the inroads that were ultimately exploited by hackers to gain access into your network. A best practice is to require all vendors to utilize two-factor authentication or direct contact with your IT staff in order to gain access to your company’s network. Your networks should never be directly accessible to any outside vendor.

These tips can help you protect your organization from cybercriminals, but they only provide an initial layer of security. New threats are being developed every day and existing threats are evolving rapidly. The best thing you can do is arm yourself with knowledge and regularly test for weaknesses in your company’s armor. One day, your business will be the focus of a cyberattack. Will you be ready?

Email Rea & Associates for more information about protecting your business from cybercrime.

By Joe Welker, CISA (New Philadelphia office)

Check out these articles to learn more about Ransomware and other cyberattacks on businesses:

How Much Is Your Data Worth To Criminals?

Businesses Beware: Sloppy Data Security Could Cost You

Then & Now: Data Security In America Since The Target Breach

Share Button

Could Your Company Be Ransomware’s Next Victim?

Wednesday, July 8th, 2015
Preempt A Crisis - Rea & Associates - Ohio CPA Firm

While there is no surefire way to prevent a Ransomware attack on your data, it’s wise to implement the following best practices to reduce the possibility of infection or reinfection.

The malware known as CryptoLocker or CryptoWall continues to be a major concern for individuals and companies alike. So much so, that the FBI saw fit to issue a warning just last month and help raise further awareness about the threat.

According to the FBI, this Ransomware continues to evolve, which helps it avoid user’s virus detection software applications – even if they are current. Since April 2014, reported the FBI, there have been 992 incidents of CryptoLocker reported. These occurrences have resulted in the loss of around $18 million.

Read Also: How Much Is Your Data Worth To Criminals?

The Threat Is Real

Ransomware is a computer infection that’s been programmed to encrypt all files of known file types on your local computer and your server’s shared drives. Once it takes hold, it’s all but impossible for you to regain access to the data that’s been infected. Once this happens, you have one of two choices. You can:

  1. Restore their machine by using backup media, or
  2. Accommodate the hacker’s demands and pay up.

As a direct result of my experience as an IT audit manager, I have been made aware of several situations in which businesses were left with no choice but to succumb to the demands of malicious cybercriminals carrying out Ransomware attacks. And while the companies I have worked with were finally able to obtain their assailant’s encryption key code to unencrypt and regain access to their data after the ransom was paid, others are not as lucky – after all, the FBI has reported $18 million worth of losses in just over a year. Furthermore, there are no guarantees that you won’t be targeted again in the future.

Preempt A Crisis

While there is no surefire way to prevent a Ransomware attack on your data, it’s wise to implement the following best practices to reduce the possibility of infection or reinfection.

  • Implement mandatory computer safety training for all employees and implement and test an IT Disaster Recovery Plan in place.
  • Always use reputable antivirus software and a firewall and be sure to keep both up to date.
  • Put your popup blockers to good use. Doing so will help remove the temptation to click on an ad that could infect your computer.
  • Limit access to company’s data by ensuring that only a few employees have access to certain folders and data. You can facilitate this type of action by conducting annual reviews of your company’s employee access rights.
  • Backup all company-owned content. Then if you do become infected, instead of paying the ransom, you can simply have the Ransomware wiped from your system and then reinstall your files once it’s safe again to do so.
  • Never click on suspicious emails or attachments, especially if they come from an email address you don’t recognize. And actively avoid websites that raise suspicion.

Shut Down The Attack

If you are surfing the Web and a popup ad or message appears to alert you that a Ransomware attack is in progress, disconnect from the Internet immediately. Breaking the connection between the hacker and your data could help stop the spread of additional infections or data losses. In addition to informing your company’s IT department about the threat or occurrence, be sure to file a complaint with your local law enforcement agency.

Email Rea & Associates to learn more about the importance of your company’s online security.

By Joe Welker, CISA (New Philadelphia office)

 

Related Articles

Beware Of The Small Business Wire Transfer Scam
Could A Cyber-Attack Cripple Your Business In 2015?
8 Tips For Crafting A Strong Password

Share Button