Cyber News Roundup: R is for Ransomware

Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive regular updates here.

Ransomware may sound like a suspenseful movie plot, but the reality is that it’s plaguing organizations in every industry. Let’s face it: ransomware commands big reactions and big dollars…and big headlines. Ransomware is an attack that locks computers and systems and demands a ransom to give back access to the data. “In the world of cybercrime, ransomware attacks might be the sophisticated bank heists,” covers The Washington Post. Big paydays can result in the millions-of-dollars range. Darren Shou, chief technology officer at NortonLifeLock tells USA Today that paying the ransom encourages more criminal activity. 

No industry is immune to ransomware: critical infrastructure and hospitals have especially been targeted in recent months. “Cybercriminals typically target businesses and governments — in the hopes they’ll pay bounties to release files and perhaps avoid a public relations disaster – but opportunistic crooks also extort money from regular computer users,” reports USA Today. Read more about the latest ransomware hacks.  

Shou and other experts recommend these tips if organizations are attacked: 

  • Disconnect the computer from the network, such as turning off Wi-Fi  
  • On another device, do an online search to determine the kind of ransomware  
  • Use a decrypter from a trusted source and run anti-malware software 
  • Get as much information as possible. Shou encourages reporting the crime to law enforcement  

Preventive Tips to Minimize Ransomware Attacks 

Marc Saltzman outlines several preventive tips for organizations to minimize ransomware attacks, in his article, Ransomware: What to do if hit by an attack. These tips are good cybersecurity hygiene in general: 

  • Download applications only from trusted sources 
  • Keep apps and operating systems fully updated; where possible, set to auto-update 
  • Make sure the devices you have on your network, such as a wireless printer or router, are also updated with the latest software (firmware) 
  • Regular backups are critical (offline solution, cloud service, or both)  
  • Install anti-malware cybersecurity software on all your devices 
  • Delete suspicious emails and text messages 
  • Be careful what your employees click on. Phishing scams are also rampant   

Pritesh Parekh, chief trust & security officer and VP of engineering, at Delphix, writes that it’s time for organizations to think outside of the backup box. “A modern defense strategy against data extortion needs to yield same-day detection, response and correction. It also must address a wide range of threat vectors such as data encryption, backup corruption and business disruption. To add to this, security leaders and their teams must conduct root cause analysis, especially on data, to uncover issues and prove culpability.” He offers additional ransomware insights in a recent InfoSecurity Magazine article.  

More Cybersecurity Resources for Local Businesses 

Partner blog post of interest: McAfeeBack-to-School: Privacy Worries in a Remote Learning World