How to Avoid Ransomware

It came to my attention that many more hospital administrations are under fire from Ransomware attacks.  These attacks are devastating on operations, money spent, and faith from your customers.  Today, we’ll go over how to better protect yourself as an administrator or as a hospital staff member so that your organization can better prepare themselves against the threat of ransomware.

 

What is Ransomware?

Ransomware is what is sounds like.  It’s a piece of software, that once on your computer, will make a nasty habit of encrypting files and folders on your hard drive, making them unusable. From there, it will usually give you a popup message on your computer saying “pay up or lose your files forever.”  As you can imagine this information can be devastating to some who may only have single copies of those files available.  What if you only had a single copy of those documents and they were critical to the functioning of your business what would you do?  As you can imagine, most feel coerced into paying up.

 

What can I do?

I’m very glad you asked!  Today we are going to discuss six ways in which you can protect yourself and/or your organization against Ransomware threats whether they be of the wide net kind or the advanced persistent variety.

 

  1.  Have a disaster recovery plan.  Keep daily/weekly offline backups that are not attached to any powered machine.  This can include CD/DVD backups of records, an attached storage which is formatted and rotated for each month in update (keeping 12-24 of them available so you have two years of backup solutions if possible).  The key plan though is to make sure you have your data isolated from the main-network.  If there is an attack on your network, Use a separate, known to be clean (perhaps a purchased PC or machine from another network would be ideal)  to first make a copy, then use that copy to attempt to recover your records, only after removing known threats and ransomware.
  2. Show all files and file extensions.  Though this may scare your less tech savvy co-workers with the proliferation of new hidden files and 3 letter end-extensions, but these are mandatory.  More often than not, it is very simple to create an innocent looking image or pdf file that may have been passed from an internal email or from a customer even…I would recommend to not even bother downloading it, though if you have all extensions shown (using Folder Options in Windows, Finder, Preferences, Show All File Extensions for Mac.)
  3. Set a strict no attachments policy on emails.  This should go without saying for any circumstances really but it goes triple so for any business or organization.  DO NOT BOTHER OPENING ATTACHMENTS! Here’s why:  When has there ever been a situation to where you needed to open a PDF on your own machine?  When have you NEEDED to open a picture on your own machine?  This is 2016….and yet in 2004 the answer was NEVER!  Does your customer or patient NEED to send an image?  Ask them to Use Imgur, then to delete once you have a copy for yourself….Buffer Overrun is no Joke.  Need a PDF or documentation?  Have them provide data through a form! If you use client-based email solutions such as Macmail, ThunderBird, or Outlook, then set rules to move emails with attachments to trash automatically.
  4. Set Boxtrapper Policy on Emails. Less known but quite valuable is to set a boxtrapper policy on all external emails.  Doing this forces automated emails to pass through a confirmation email step before being white-listed and you see an instant reduction in spam from automated emails.
  5. No external USB media drives. Avoid media devices as they could be external attempts to penetrate your network.  Instead, contact the sender and inform them that paper copies are required as per policy or direct data submission per you requirements.  Furthermore, attempted solicitations of USB drives should be logged in a Computer security log or IT Incident Binder of sorts such that a record can be established of attempts to infiltrate your data should law enforcement or litigation be further necessary.
  6. No Free Lunch, Dodge Shady Websites. Are you using warez, downloading entire contents of torrent files, using software from closed sources, or attempting to use pirated software?  You may potentially get Fired! But more importantly you may be putting your files at risk.  By all means, avoid illicit software that may have ransomware, bitcoin stealers, and viruses built in.  Shady websites also have bad advertising that will mislead you into clicking the wrong thing, leading to infection.
Poor guy lost 4.88 BTC (Just over $2000 as of 4/2016) over pirating a $60 Game!

 

Closing Remarks

Now that we know of Ransomware, we’ve gone over how we can prevent it from proliferating within your organization. At the end of the day, nothing beats good common sense and consistent policy enforcement.  If you MUST make an exception, consider making it on a personal computer and the ramifications if that file were ransomware, locking up your valuable family photos to be encrypted under threat of loss without payment….avoid external files as often as possible, use links to publicly hosted image sites.  Use a sandbox computer with google drive to print then delete pdf files if you absolutely have no other choice than to receive and print them….key takeaway there…SANDBOXED computer

doitvirusupload

Post Author: Frankenmint

From the pristine land of the internetz, the Frankenment was bred from machine. While looking to embrace the new world Linux regime he is truly a windows bred. I've come from the darkness to the light to share with you other internetz fol-ken to share the message of virtual money. Through our actions, we can make the virtual world yet again beyond the decree of the internet, with the decree of internetz money! Bitcoin, the Supercurrency, the official tender of the internetz that will be accepted by all countries and all fol-ken Alike!