What is Ransomware?
Ransomware is a type of computer virus that prevents or limits users from accessing their system. Some variants encrypt data while others install annoying pop-ups that are difficult to remove. Hackers demand that victims to pay the ransom through certain online payment methods in order to grant access to their systems, or to get their data back. Here is an FBI Alert on Ransomware.
Within the last month Hollywood Presbyterian Hospital, Chino Valley Hospital and Desert Valley Hospital, all in Southern California, fell victim to ransomware. Just this week we are privy to attacks on a BD and an RIA, so ransomware seems to be on the rise and firms need to be alert.
Is Being Infected with Ransomware a Data Breach?
Data breaches are costly with estimates typically around $250 per record. There are federal and State breach notification laws and a data breach must be taken very seriously, despite the inclination to be in a state of denial.
As mentioned above some ransomware variants can exfiltrate data, while others do not. Thus, it is imperative to identify the variant to determine if a data breach has occurred.
How to Protect Yourself from Ransomware
- Conduct user awareness training. Ransomware exploits users in various ways by getting them to click on infected links in emails or on websites.
- Make sure you have a robust and properly configured firewall.
- Employ antivirus software from a reputable vendor and make sure the software is updated automatically.
- Employ multiple mechanisms to back up your data, at least daily.
- Enable pop-up blockers since many ransomware payloads are delivered via pop-ups.
- If you suspect an attack immediately turn the computer off to prevent propagation of the virus and exfiltration of data.
- Have an incident response plan. Many response plans simply escalate the issue to management but is management prepared to respond? Firms also rely on IT vendors but are they prepared to respond? Be aware there are reputable firms that specialize in remediation and a good plan should include having one on retainer or at least having identified the vendor you would call if needed.
CCLS Can Help
The CCLS approach to cybersecurity begins with an assessment to identify risks. CCLS also offers robust user awareness training that covers a wide range of issues, including protection against ransomware. We help our clients with cybersecurity policies & procedures including an incident response plan. For more information, contact us at 619.278.0020 or firstname.lastname@example.org.