How to stay protected against ransomware

Ransomware: malicious software designed to block access to a computer system until a sum of money is paid.
by IFSC News
01 Jul 2016
IFSC

International Financial Services Centre

Ransomware has become one of the most widespread and damaging threats facing financial services companies and all internet users. According to an article in the Irish independent “this type of computer attack is now "rampant" in Ireland.”  Ransomware even featured in a Season 6 episode of The Good Wife when the firm’s entire IT system was shut down until they paid up. Of course, they had Kalinda, the investigator who identified the baddies and sorted it before the payment deadline!

According to the BBC there are now 124 separate families of ransomware and a 3,500% increase in attacks.

Ransomware typically propagates as a Trojan, entering a system through, for example, a downloaded file (as it was on The Good Wife) or a vulnerability in a network service.

When the file is opened, the system is restricted or locked. A message then appears on the user’s desktop explaining how a ransom can be paid within a set timeframe. When payment is made, a decryption key is provided. The ransomware will then delete itself leaving just the encrypted files and ransom notes behind.

Often networked Windows back-ups are deleted at the same time to prevent data recovery.

The University of Calgary recently paid USD$16,000 in a ransomware attack. A few hospitals in Germany and North America have been hit in the last 4 months as well as a Michigan electrical and water utility. Bitcoin is the payment method of choice by the bad guys.

As most of us don’t have our own Kalinda, here are 10 easy ways to protect against ransomware:

  1. Backup regularly and keep a recent backup copy off-site (and offline)
  2. Don’t enable macros in document attachments received via email
  3. Be careful with unsolicited attachments
  4. Don’t stay logged in as an administrator any longer than is strictly necessary
  5. Avoid browsing, opening documents or other “regular work” activities while you have administrator rights
  6. Install Microsoft Office viewers
  7. Keep your operating system and software up-to-date with the latest patches
  8. Stay up-to-date on new security features added to your business applications
  9. Set Notepad to open .JS files by default
  10. Show files with their extensions

For more information download the Sophos white paper.

More News

  • Tax revenues solid in Q1; expenditure delivering on Budget 2026 approach
    IFSC News
    Tax revenues solid in Q1; expenditure delivering on Budget 2026 approach
    Learn More
  • Mega deals reach record high and propel surge in deal value
    IFSC News
    Mega deals reach record high and propel surge in deal value
    Learn More
  • Tánaiste invites expressions of interest for Financial Literacy Ambassadors
    IFSC News
    Tánaiste invites expressions of interest for Financial Literacy Ambassadors
    Learn More
  • Tánaiste convenes first Annual Savings and Investment Forum
    IFSC News
    Tánaiste convenes first Annual Savings and Investment Forum
    Learn More
  • 6 in 10 compliance experts say ‘greenhushing’ is a growing or significant issue within Irish financial services sector
    IFSC News
    6 in 10 compliance experts say ‘greenhushing’ is a growing or significant issue within Irish financial services sector
    Learn More
  • Tánaiste and Minister for Finance Simon Harris attends meeting of the Eurogroup
    IFSC News
    Tánaiste and Minister for Finance Simon Harris attends meeting of the Eurogroup
    Learn More