Monday, May 15, 2017

Ransomware... scary stuff

You have probably seen the news reports from this weekend about a new and dangerous type of ransomware known as "WannaCry".  Ransomware is a specialized form of cyber attack that attempts to hold your data hostage by encrypting it (essentially scrambling it in a way that only the software's creators know how to unscramble).  In order to get your data unscrambled you have to pay the software's creators a ransom (through a payment method that allows the other party to remain anonymous)... hence the name "ransomware".

You should know that is not a false alarm -- this is a real and scary situation.  You should also know that there is no single “pill” for computer system security.  Securing a computer system is done in layers such as firewalls, anti-virus software, and employee education.

The list below provides some helpful information for business owners or workplace managers.  This list is not really specific to the WannaCry ramsomware, but is a more general list of basic security measures that should be performed and maintained.  See the section in red for something you can do right now to help secure your computer system.

  • Check your firewall to confirm that its protection mechanisms against this type of malware code are up to date and activated.  Most firewalls today have "gateway security" features built-in, but these features may need to be turned on and configured in order to function properly.  Sometimes there is an annual fee paid to the manufacturer for this feature, but the protection is usually worth it.
  • Your anti-virus software, if properly implemented, should provide some measure of protection from malware code.
  • You should review your computers and patch any that are not already patched.  Do this by running Windows Update on all computers.  There is a specific Microsoft patch mentioned in almost every article written about this particular episode.
  • I suggest communicating the following information to your employees right away.  It's the best protection you can have.
    • Ransomware is often spread by computer users clicking links in emails.  Do not open or click any suspicious emails.
    • Just because an email looks like it’s from someone you know doesn’t make it OK.  Use good practical judgment and err on the side of caution. 
    • If you receive an email you are uncertain about, check with the purported sender or check with your technical support contact for advice and guidance.
    • If you think something’s up, don’t take further action yourself and contact your technical support contact immediately.

Happy computing!

Craig Rhinehart
Chief Information Officer