According to the United States Computer Emergency Readiness Team (US-CERT), ransomware is the fastest growing malware threat, with more than 4,000 attacks occurring each day. This type of malware blocks a user from accessing data until the operator of the malicious program receives payment. For the average hacker, the return on investment for a successful ransomware attack is more than 1,400 percent.
Ransomware attacks can target networks at homes, businesses, and government agencies. Hackers know that one of the easiest ways to get around anti-virus software, firewalls, and other security measures is through individuals and employees, which is why recognizing the threat of ransomware is important for everyone.
The MassIT Enterprise Security Office shares information on how ransomware infects your information and how you can protect your computer.
How Does Ransomware Spread?
There are four common ways hackers can plant ransomware in organizations.
- Phishing Downloads — Hackers may place baited links that look trustworthy in ads on a suspicious website or inside an email attachment. When you click the link, the malware is downloaded and encrypts your files.
- Outdated or Fake Software — Computer software that hasn’t been updated can provide hackers with an easy access point into your system. Hackers are also known to hide malware in fake updates for popular programs.
- Infected Flash Drives — Removable storage devices such as USBs can be used to spread ransomware.
- Malicious Apps — Hackers can infect computers by embedding malicious code in seemingly harmless applications, such as browser toolbars, key generator tools, messaging applications, and file sharing sites.
How Can I Protect Myself From Ransomware?
There are a few steps you can take to help make yourself a less attractive target for ransomware operators.
- Throw Away Password Sticky Notes — It can be tempting to write passwords down for reference, but opt for a password manager app instead. Adding a password to your computer or phone also adds extra security.
- Think Before You Click — Be wary of unexpected attachments. If you receive an unexpected email containing links or attachments, call the sender to confirm the legitimacy of the email.
- Use Secure URLs — URLs starting with HTTPS are more secure than those starting with HTTP. Whenever you need to log in to a site or fill out a form that requires personal information, make sure the site you are on uses HTTPS.
- Use a VPN on Public Connections — If you’re working on public connections — like those in coffee shops, airports, or hotels — be extra-cautious. Use a virtual private network (VPN) to encrypt your internet traffic before sending information to your organization’s network or another computer.
- Always Update — It’s tempting to click “remind me later” when prompted to update your computer software, but it’s important to update all security programs, operating systems, and other applications frequently. Malware often takes advantage of vulnerabilities in out-of-date applications.
Check out our other cyber security blog posts for more tips and tricks during National Cyber Security Awareness Month.
What’s Compliance Got to Do with It? A Look at Two Hacks posted on Oct 13
Imagine you’re leaving for a weeklong vacation. Would you leave your doors unlocked when you left the house? Probably not — this would put your possessions at risk of theft. Just locking your doors could deter potential thieves. The same logic applies to computer systems. …Continue Reading What’s Compliance Got to Do with It? A Look at Two Hacks
Where’s My Data? 10 Simple Tips for Securing Your Business’s Data posted on Oct 11
As a business owner, you can protect your employees, business, and customers from hackers. MassIT shares 10 tips to help IT departments at companies big and small create a security plan to keep their data safe. Identify Sensitive Data — Know where sensitive personal information, including …Continue Reading Where’s My Data? 10 Simple Tips for Securing Your Business’s Data
Understanding Malware — What It Is and Types to Know posted on Oct 6
The term malware is everywhere these days, but what exactly is it? Malware is short for malicious software. It can be used to manipulate your computer and steal your information. There are several types of malicious software, which can be broken down into broad categories, …Continue Reading Understanding Malware — What It Is and Types to Know