Ransomware - What is it? How to avoid it. What to do if you get it.

Ransomware - What is it? How to avoid it. What to do if you get it.

Author: Jeff Weeks, Sr. Vice President and Chief Information Security Officer

Ransomware is one of the threats that businesses and individuals fear most due to the potential loss of information and crippling effects on business.

What is Ransomware?

Ransomware is malicious software, usually distributed through phishing.  Once it is deployed on a computer or network, it encrypts the victim’s files. The criminal who deployed the ransomware then holds the key to unlock the encryption for ransom until the owner of the computer or network pays the demand or preferably removes all traces of the malware and restores their machine from backup.

How Do I Avoid Ransomware?

• Protect your devices with security software.
  • You will see a common theme with our recommendations; purchase your security software from a well-known provider.
• Enjoy your software and applications safely.
  • Purchase software and applications from well-known and trusted providers only.
  • Keep software, operating systems, and applications up-to-date with current versions and patches. Where possible, turn on automatic updates.
• Use available spam filters for email.
  • Improve your odds! Most email providers offer spam filters to cut down on the amount of spam emails you receive.
• Don’t fall for phishing schemes. This sounds easy but unfortunately, many people and companies fall prey to this tactic. The reason why it’s difficult to identify phishing schemes is twofold. First, cyber criminals are getting better at what they do; and second, psychology. Here are some basic ways to avoid being phished:
  • Don’t click on links or open attachments in emails if you don’t know the sender or were not expecting an email from the sender.
  • Even if an email seems like it is coming from a familiar sender, take a moment to evaluate it before you interact with it.
• Keep your information private. There are several variants of phishing: email, phone, text, social media, etc.
  • Be careful when providing your personal information. Make sure you know who you are talking to or shopping with.
  • If someone is soliciting your personal information via text or phone call, it is always best to end the call and call the entity back at a number you know or have researched yourself. Phone numbers can be faked or “spoofed” to look like the call is coming from a known entity.
  • Protect yourself online, don’t share too much information, like your birthdate.
  • If a social media friend sends you a link with no explanation or with a message that seems out of character or no message at all; it’s always best to contact that friend outside of social media to confirm the message was truly from them.
  • Only shop online with well-known retailers.
• Beware of public WiFi.
  • Anyone can stand up a public WiFi connection and name it anything they want. If you are at a coffee shop or staying in a hotel, for example, ask if there is a password protected network for customer use. If not, use your own personal hotspot or turn off WiFi on your device and operate on a cellular connection, if possible.
• Share these tips.
  • Just one wrong click can expose your information or your network to ransomware. Share these tips with your family or others using your network to keep your network safe from ransomware and other malicious threats.
• Back up your information and photos on a regular basis.
  • Finally, back up your information. This way, in the event you do get ransomware on your computer or network, you can simply factory reset your device and restore your information and photos from backup.
  • Ensure your back up files cannot be accessed by ransomware. Keep them offline, such as using a portable hard drive, and only connect when needed or use a service that saves older versions of your files.

I Have Ransomware, Now What?

If you find that your computer or network has been infected with ransomware, avoid paying the ransom unless absolutely necessary. Ransom payments go to support criminal activity, and chances are you won’t get your files back anyway, or you’ll be marked as a future target for a larger ransom. The best idea is to seek out professional help as soon as possible.  Some ransomware has been defeated, and the data may be able to be recovered without paying the ransom.  If you have backed up your files, restore your device to its initial state and restore your files from the backup. Cybercrime such as ransomware, can be reported to the FBI at www.ic3.gov.

About the Author

Jeff has been with First National Bank of Omaha for 21 years and is currently the Senior Vice President and Chief Information Security Officer. The executive leadership and oversight provided by Jeff in the development, management and execution of information security for First National Bank of Omaha enables the company’s ability to posture and protect private, personal information, and assets of the company’s clients, employees and business partners.

Jeff is a member of FS-ISAC (Financial Services Information Sharing and Analysis Center) and PPISC (Payments Processor Information Sharing Council), MBCA Advisory Board (Mid-Size Bank Coalition of America), FishTech Advisory Board, Bellevue University Advisory Board, Minneapolis CISO Advisory Board, and he was recently appointed as an FNBO Board member. Over the course of his career, he has been awarded several professional certifications including Certified Information System Security Professional (CISSP).