Ransomware is a form of harmful software created with malicious intent. Ransomware inhibits access to a computer system, locking out the end user until a sum of money or specified ransom is paid. In a recent article by CheckPoint, the “Number of organizations impacted by ransomware globally has more than doubled in the first half of 2021 compared with 2020”, showing an alarming growth of ransomware attacks in recent months.
In an effort to equip business with the tools needed to stay protected, NIST has released a guide titled Tips and Tactics for Dealing With Ransomware, complete with an infographic, two-minute educational video, and expanded PDF guide. Here are some steps as recommended by The National Cybersecurity Center of Excellence (NCCoE) that you can take now to protect yourself from the threat of ransomware.
- Automatically scan and check all inbound connections, including emails, and removable media like flash drives and external hard drives by using up to date antivirus software.
- Keep your computer fully patched / updated. Many operating systems now allow you to auto-schedule updates so that patches are pushed to your device and installed as they are released.
- Block access to known ransomware sites. Be aware when visiting sites that are not HTTPS secured, or that your internet security provider has flagged as a possible threat.
- Only allow authorized third party apps access onto your organizations network, remove access from any unknown or no longer needed third party connections.
- Avoid accessing personal accounts such as social media sites and personal email accounts on company owned devices and workstations.
- When possible use standard user accounts rather than accounts with administrative permissions.
- Beware of unknown sources, this applies to all inbound requests and messages you are receiving from hyperlinks to unsecured websites.
Sometimes taking immediate action is not enough, and ransomware attacks are successful. In those situations, it becomes important to ensure that information involved in the breach is not corrupted or lost before getting back up to speed. According to NCCoE, here are some preventative steps you can put in place to recover from past attacks and prepare for the future:
- Make an incident recovery plan with clear roles and timelines
- Backup & restore through regularly testing data backup and restoration strategies
- Keep your contacts in case of an attack, this can include law enforcement contacts all the way to your in-house IT responsible for your network.
Looking for additional cybersecurity, information governance, and data privacy resources for your organization? Browse through additional resources by The National Cybersecurity Center of Excellence at https://www.nccoe.nist.gov/
Check Point Software Technologies Ltd. (2021, May 12). The New Ransomware Threat: Triple Extortion. Check Point. https://blog.checkpoint.com/2021/05/12/the-new-ransomware-threat-triple-extortion/
National Cybersecurity Center of Excellence (NCCoE). (2021, May 13). NIST Releases Tips and Tactics for Dealing With Ransomware. NIST: National Institute of Standards and Technology. https://www.nist.gov/news-events/news/2021/05/nist-releases-tips-and-tactics-dealing-ransomware
National Cybersecurity Center of Excellence (NCCoE). (2021, May 13). NIST Tips & Tactics | Ransomware Infographic. NIST: National Institute of Standards and Technology. https://csrc.nist.gov/CSRC/media/Projects/ransomware-protection-and-response/documents/NIST_Ransomware_Tips_and_Tactics_Infographic.pdf
National Cybersecurity Center of Excellence (NCCoE). (2021, May 11). Tips & Tactics | Preparing Your Organization For Ransomware. NIST: National Institute of Standards and Technology. https://csrc.nist.gov/CSRC/media/Projects/ransomware-protection-and-response/documents/NIST_Tips_for_Preparing_for_Ransomware_Attacks.pdf
National Cybersecurity Center of Excellence (NCCoE). (2021, May 13). Tips To Help Your Company Protect Against Ransomware Attacks [Video]. NIST. https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/31013851/entry_id/1_1zg158ju/embed/dynamic