As San Francisco’s transport agency becomes one of the latest organisations to be hit by a ransomware attack, is an attack inevitable for any one of us or can we protect ourselves?
Computer viruses that threaten to delete your files unless you pay a ransom are known as ransomware, the fastest growing form of computer virus.
This weekend, San Francisco’s transport agency was hit by ransomware, an hack attack that led to customers being able to travel for nothing.
Computers across the city’s transport network, including at stations, were disabled with screens displaying a message from the attackers that read: “You Hacked, ALL Data Encrypted. Contact For Key(cryptom27@yandex.com)ID:681 ,Enter”.
Yandex is a Russian internet company that, among other things, provides email and social networking tools.
The hackers have made a ransom demand of 100 Bitcoin, which amounts to about $70,000 (£56,000 ; €66,000).
Thousands are having their computers encrypted by ransomware – are you one of them?
Ransomware is a form of malware that gives cybercriminals the ability to remotely lock down files on a victim’s computer and/or mobile devices, from a remote location. A pop up window informing the owner that it will not be unlocked is displayed demanding a fee to unlock them! Often the only usable part of the computer is the number keypad to enter a PIN to enable payment to the criminals!
An additional twist is that an accusation of illegal activity or even pornographic images appear on the locked screen making it even more difficult for some users to seek help from anybody else.
How much information are you sharing about yourself that will make it easier for the attackers to target you?
Amshire’s managing director Dave Taylor warns: “You can never be totally safe, but most online attacks can be prevented or detected by basic security practises:
10 Cybersecurity Tips for you and your business
- Train employees – establish security practices and policies for employees and create a culture which takes cybersecurity seriously.
- Protect your systems – install latest software updates to protect against the latest online threats. Carry out inside-out and outside-in penetration testing.
- Provide firewall security – ensure this is correctly configured. If employees work from home, ensure their home system(s) are also protected.
- Don’t forget mobile devices – make sure laptops, tablets and smartphones all have adequate safeguards and reporting procedures in place if lost or stolen.
- Backup – check all critical data is regularly (preferably automatically) backed up to a secure off-site location.
- Control physical access – secure building entry points, consider CCTV installation, ensure visitors are properly managed and IT areas locked.
- Secure your Wi-Fi – if you have a Wi-Fi network for your workplace, make sure it is secure and encrypted. Do not allow visitors to use – provide a secure, separate guest network if you want to offer this facility.
- Payment cards – if you take card payments, make sure validation and anti-fraud systems are in place and that you are fully PCI compliant. Don’t use the same computer to process payments and surf the Internet.
- Restrict employee rights – staff should only be given access to systems they need for their jobs and should not be able to install new software without permission.
- Password policy – require employees to use unique passwords which are changed at pre-set times. Consider implementing multi-level access authentication to highly sensitive systems.
If you’re a victim of a ransomware attack, report it to Action Fraud immediately.
Thanks to Amshire IT Solutions for their contribution to this ransomware attack article