It doesn’t seem like we can go a day without hearing about another entity hit by ransomware. A type of malware that restricts access to the infected computer system in some way, ransomware demands that the user pay a ransom to the malware operators to remove the restriction.
Lately it appears many public agencies, such as law enforcement, are targets of ransomware attacks. Protecting computers and networks from ransomware is pretty much the same as protecting from viruses and malware in general. Below is a brief list of steps you should take to help protect your computers and network.
- Back up your systems on a daily basis. This includes cloud-based services. Make sure you can restore data if a system is compromised.
- Install updates as soon as possible. On end user equipment, critical updates should be installed as they’re released.
- Limit people’s access to their computers. Don’t allow end users to have local administrative rights. This means end users and a large number of viruses are unable to install software without first gaining administrative access.
Greg Van Wormer - Limit data access to only what users need to do their job. If a user only needs to view data and not change it, make sure they can only view the data. Ransomware can only encrypt or take hostage data if change or write rights are granted.
- Filter email for executable code and other malicious attachments. If you’re using online services like Office 365 or Google Apps, this is usually part of their service.
- Use firewalls, both on your network and on local computers.
- Use anti-virus.
- Separate any public wireless network from the network used for city business. (And avoid using wireless networks whenever possible.)
- Educate employees to not click on unknown links, download unknown documents, and be cautious with email.
Up Next: The Off-Duty Rescue
In the meantime, stay safe and be careful.
Rob