July 21, 2016
US Department of Homeland Security Ransomware Alert
On the heels of the many recent ransomware onslaughts on businesses, the US Department of Homeland Security (DHS), in collaboration with Canadian Cyber Incident Response Centre (CCIRC), recently posted an official public alert about the rising risk of ransomware attacks and the severity of the situation for both end users and businesses.
The joint statement provides a great overview of ransomware, highlighting the dominant strains in existence, the vertical markets targeted, and its potential impact on businesses, including “temporary or permanent loss of sensitive or proprietary information, disruption to regular operations, financial losses incurred to restore systems and files, and potential harm to an organization’s reputation.”
The DHS stresses that individuals not pay a ransom, as doing so “does not guarantee the encrypted files will be released; it only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information. In addition, decrypting files does not mean the malware infection itself has been removed.”
The statement closes with a list of preventive measures for computer network protection from ransomware. The #1 recommendation comes at no surprise to us:
“Employ a data backup and recovery plan for all critical information. Perform regular backups to limit the impact of data or system loss and to expedite the recovery process. Note that network-connected backups can also be affected by ransomware; critical backups should be isolated from the network for optimum protection.”
Other “solutions” listed include using “application whitelisting”, ensuring all operating systems and software are up-to-date with the latest patches, leveraging anti-virus software, and restricting user permissions to install and run unapproved software.
For managed services providers, this statement from the federal government provides even more weight to the importance of cyber security solutions for businesses today, most essential being data backup and recovery, such as Datto. The alert also serves as a great piece of education to share with customers or prospects who are unaware of the threat of ransomware and the technologies needed to mitigate the risk.
Aside from cyber security defense products and a secure and reliable backup and restore solution, MSPs should also assist in providing SMBs with a basic education on cyber security best practices. Only by doing this do we have a chance of fighting back against the growing population of cyber bullies.
Where to begin? Send this persuasive piece of content to your database! (Subject: Why Datto? Because Uncle Sam says so!) Read the full US Department of Homeland Security alert on ransomware here.