Archive

Go to:

August 2017
SMTWTFS
12345
6789101112
13141516171819
20212223242526
2728293031
< Jul Sep >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

The Rise of Ransomware
Wednesday, April 27, 2016 6:25 AM

Michael Salyer, IT Analyst, Credit Union Resources

For those unfamiliar with the term "ransomware," it is malware that infects files on a network and will not release them until the victim pays a ransom to the virus creator. Oftentimes this will involve encryption that makes it difficult, if not impossible, to access the files until the ransom is paid.

Most times, the system is merely locked and a message is displayed trying to coerce the user into paying. During its initial phase, ransomware was typically files that encrypted particular file types (Word, Excel, .DLL files, and executables, just to name a few). Eventually the malware began infecting the system itself, preventing the PC from booting properly.

Initially gaining popularity in Russia in 2006, it has now become an international threat. By 2012 the European Continent, as well as North America, had seen a sharp increase in ransomware incidents. The FBI estimates that ransomware currently costs users around $150 million dollars a year. The operators may ask for as little as $10 or as much as $600 in some cases. This may not seem like a lot of money in the grand scheme of things, but remember, there is no guarantee paying the ransom will get your files released, or prevent you or our company from being targeted again for extortion.

Although not the FBI’s official stance; Joseph Bonavolonta, assistant special agent in charge of the Cyber and Counterintelligence Program in the FBI’s Boston office tells victims of ransomware, “The easiest thing may be to just pay the ransom.” The overwhelming majority of institutions do just that.

Not that it should be, but if paying a ransom is not your first choice, there are ways to reduce the risk of getting infected. As with other cyberattacks, you can take steps to avoid ransomware. Here are some simple steps individuals and organizations can take to avoid attacks or protect themselves after an attack:

  • Robust antivirus software: Not only is it important to use antivirus software from a reputable company, but you must ensure your virus definitions are up to date.
  • Firewall/IPS: Having a strong firewall with a built-in intrusion prevention system will help prevent infections from getting into your network in the first place. Setting up alerts for known issues will greatly benefit this process.
  • Data backups: Regular, secure backups will help mitigate this threat. If the infection is caught soon enough, files can be restored from a previous night’s backup.
  • Browser popup blockers: Popups are a primary tactic for extortionists, so simply avoid accidentally clicking on an infected popup.  Most of today’s web browsers offer a built-in popup blocker; make sure this is turned on.
  • Fake websites/phishing: Don’t click on links inside emails, and avoid suspicious websites. If your PC does come under attack, use another computer to research details about the type of attack. But be aware that the bad guys are devious enough to create fake sites, perhaps touting their own fake antivirus software or their decryption program.
  • Disconnect from the Internet: If you receive a ransomware note, disconnect from the Internet so your personal data isn’t transmitted back to the criminals and the infection cannot spread to other systems on the network.
  • Alert authorities: Ransomware is a serious form of extortion. Local police may not be equipped to deal with this. You are encouraged to contact your local FBI office.

Assess Your Systems and Manage Your Risk

As technology changes, every credit union faces new security issues. Let Credit Union Resources help you stay on top of it—your future could depend on it. Our team of technology professionals provides guidance on compliance, shares best practices, and performs audits. We have a vested interest in your success, and your cybersecurity matters to us. To find out how we can help you manage cybersecurity and operational risks, contact:

Idrees Rafiq
469-385-6799
800-442-5762, ext. 6799
irafiq@curesources.coop

Deanna Brown
469-385-6464
800-442-5762, ext. 6464
dbrown@curesources.coop

About Credit Union Resources, Inc.
Credit Union Resources is a service corporation that provides industry-leading solutions and expertise to credit unions across the country. Credit Union Resources is a part of the Cornerstone Credit Union League, a regional trade association representing the interests of credit unions in Arkansas, Oklahoma, and Texas.