How to stay protected against ransomware

Ransomware: malicious software designed to block access to a computer system until a sum of money is paid.
by IFSC News
01 Jul 2016
IFSC

International Financial Services Centre

Ransomware has become one of the most widespread and damaging threats facing financial services companies and all internet users. According to an article in the Irish independent “this type of computer attack is now "rampant" in Ireland.”  Ransomware even featured in a Season 6 episode of The Good Wife when the firm’s entire IT system was shut down until they paid up. Of course, they had Kalinda, the investigator who identified the baddies and sorted it before the payment deadline!

According to the BBC there are now 124 separate families of ransomware and a 3,500% increase in attacks.

Ransomware typically propagates as a Trojan, entering a system through, for example, a downloaded file (as it was on The Good Wife) or a vulnerability in a network service.

When the file is opened, the system is restricted or locked. A message then appears on the user’s desktop explaining how a ransom can be paid within a set timeframe. When payment is made, a decryption key is provided. The ransomware will then delete itself leaving just the encrypted files and ransom notes behind.

Often networked Windows back-ups are deleted at the same time to prevent data recovery.

The University of Calgary recently paid USD$16,000 in a ransomware attack. A few hospitals in Germany and North America have been hit in the last 4 months as well as a Michigan electrical and water utility. Bitcoin is the payment method of choice by the bad guys.

As most of us don’t have our own Kalinda, here are 10 easy ways to protect against ransomware:

  1. Backup regularly and keep a recent backup copy off-site (and offline)
  2. Don’t enable macros in document attachments received via email
  3. Be careful with unsolicited attachments
  4. Don’t stay logged in as an administrator any longer than is strictly necessary
  5. Avoid browsing, opening documents or other “regular work” activities while you have administrator rights
  6. Install Microsoft Office viewers
  7. Keep your operating system and software up-to-date with the latest patches
  8. Stay up-to-date on new security features added to your business applications
  9. Set Notepad to open .JS files by default
  10. Show files with their extensions

For more information download the Sophos white paper.

More News

  • 1 in 3 Compliance Professionals say AI Has Made It More Difficult For Financial Institutions To Safeguard Customer
    IFSC News
    1 in 3 Compliance Professionals say AI Has Made It More Difficult For Financial Institutions To Safeguard Customer
    Learn More
  • NAMA Publishes Final Annual Report
    IFSC News
    NAMA Publishes Final Annual Report
    Learn More
  • Executive exposure: 7 in 10 directors in Irish organisations are “concerned” about AI-enabled attacks 1 in 6 Irish executives report high exposure to kidnap-for-ransom risks
    IFSC News
    Executive exposure: 7 in 10 directors in Irish organisations are “concerned” about AI-enabled attacks 1 in 6 Irish executives report high exposure to kidnap-for-ransom risks
    Learn More
  • Only One Third of Financial Firms Fully Prepared for EU AI Act Requirements
    IFSC News
    Only One Third of Financial Firms Fully Prepared for EU AI Act Requirements
    Learn More
  • Tánaiste & Minister for Finance meets with the main pillar banks to discuss the roll-out of the new Investment Account framework and the emergence of new online harms to children
    IFSC News
    Tánaiste & Minister for Finance meets with the main pillar banks to discuss the roll-out of the new Investment Account framework and the emergence of new online harms to children
    Learn More
  • Ireland - €2bn no-grow tap of October-43 Green Benchmark
    IFSC News
    Ireland - €2bn no-grow tap of October-43 Green Benchmark
    Learn More