Imagine a criminal breaking into your home, but instead of
taking anything, they change the locks and tell you to pay them or they will
not give you the new keys. This is what Ransomware does, though instead of your
home, it is all of the files on your computer. Files you need to access in
order to do your job. These criminals plan on using that need for their own
profit.
Here is an article from The
Washington Post that demonstrates just how bad this type of malware can be for
your city.
What it is?
Ransomware is a type of malware that uses encryption to restrict
access either by locking files or by inhibiting entry into the system altogether.
Once the system is encrypted, it is very difficult, or impossible, to gain
access again on your own. The malware operators then require payment before
they unlock the system (which they may not do even if they are paid).
The pop up message requesting payment may be disguised as a
fake warning pretending to be from a law enforcement agency locking your system
claiming that it has been used for illegal purposes, or even Microsoft stating
the version of windows you are running is pirated. Do not be fooled by this,
call an IT professional and the police immediately. Do not turn any infected
systems off either, doing so may actually make the IT pro’s job more difficult.
What you can do to protect yourself?
The typical method malware, such
as ransomware, gets on your system is through some form of download. It may be hidden in something you download,
so be sure to only download files or programs from trusted sites.
Another method used to infect
your computer is phishing emails. These are spam emails used to trick you into
clicking a link that will take you to a fraudulent site that will download the
malware to your system. Make sure you’re using some form of anti-virus software
that includes email checking. The best practice is to delete any emails from
sources you don’t know. Never click any links in emails unless they are from a
trusted source. Also be wary of emails that appear to be from trusted sources
that contain just links or a simple phrase such as, “check out this video!” or
“this site is so great!” The trusted source may have gotten a virus, and that
virus is sending those emails, or the email may contain a spoofed address.
For other ways to protect
yourself, you can also check out our On
the Line blog on this topic by LMC’s Greg Van Wormer.
Backup you system regularly!
It may be impossible to recover your files once they have
been encrypted by ransomware; however, if you have your data backed up, you can
limit the how much information you lose.
Cities should be backing up their systems, at least weekly
(nightly is better!), and storing backups in a place safely offline and away
from any computers that may become infected. Consider using a rotating backup
schedule, allowing for multiple backups to be retained. If you do use such a schedule please consult
with your city’s Responsible Authority to ensure your backup schedule meets
your city’s records retention schedule.
What should you do if you get it?
Despite your best efforts, you may still find yourself the
victim of ransomware. Should this be the case, call the police, an IT
professional (if you have one in house), and LMCIT right away, as mitigation may
be covered under your Property/Casualty insurance. Whatever you do, Do Not Pay the Ransom,
there is no guarantee they will actually remove the ransomware should you pay
it.
Computers and the internet are a great resource, please
remember to use them safely.
No comments:
Post a Comment