February 2, 2021
Good morning, everyone!
This week’s critical vulnerabilities:
Patch all the things!!
Infosec guru @RachelTobac has recorded an infosec sea shanty for your entertainment and education.
Ransomware: Prevent, Detect & Respond
CISA has started a new awareness and education campaign Reduce the Risk of Ransomware:
Ransomware incidents have become more destructive and impactful in nature and scope. Malicious actors engage in lateral movement to target critical data and propagate ransomware across entire networks. These actors also increasingly use tactics, such as deleting system backups, that make restoration and recovery more difficult or infeasible for impacted organizations. According to “The Cost of Malicious Cyber Activity to US Economy” (February 2018), the White House Council of Economic Advisers (CEA) estimates that the cost to the U.S. economy was between $57 billion and $109 billion in 2016 alone. The economic and reputational impacts of ransomware incidents, throughout the initial disruption and, at times, extended recovery, have also proven challenging for organizations large and small.
With this in mind, I thought I’d discuss three important steps with regard to ransomware: prevent, detect and respond.
Hands down, your best option is not to get infected with ransomware in the first place! Think before you click! Ask yourself, “Why would my boss send me a work document to my personal email?” “Why would I get a shipping notification to my work email for something I ordered from home?” “Do I really need to enable macros in this file?” “Do I really need to see this video, enough to click on that popup box asking me to upgrade my video player or install a new codec?” Remember, trust only original sources of information.
Sometimes, it happens even when you’re careful. You opened an infected attachment or clicked on a bad link. What are the most common signs you have been infected with ransomware?
- Unexpected slowness – your computer was working normally a short while ago, but now it’s slow as molasses, and you are the only one in your office having problems (hint: your computer is working hard in the background, encrypting your data)
- Unexpected sound – you hear music playing or someone talking from your computer, while you’re working on a spreadsheet (hint: your computer is visiting websites in the background)
- A box that suddenly flashes on your screen and disappears immediately (hint: an application has just been loaded)
It’s important to detect these signs early, and be ready to respond quickly.
The first step is to disconnect your computer from the network and/or the Internet (pull the network cable out or turn off the Wi-Fi – if all else fails, cut the power). You want to isolate it, so that the malware can’t spread to other computers. You also want to keep it from communicating with the cybercriminals who installed that malware, so they can’t advance the infection. Next, take a picture of the screen, whatever you see there, and call for help.
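The “computer working hard in the background, encrypting your data” sign above has a measurable counterpart that IT staff can check for: files a ransomware has overwritten look like random bytes, so their Shannon entropy sits near 8 bits per byte, while ordinary documents sit far lower. The script below is an added example written for this newsletter, not code from CISA or any product; it builds its own constructed sample folder (plain-text reports plus files overwritten with random bytes and given a made-up `.locked` name), then flags how many files look encrypted. The thresholds `HIGH_ENTROPY_BITS` and the 30% mass-encryption ratio are assumptions chosen for the example, not published indicators.

```python
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

# Assumed thresholds for this example: encrypted or compressed data approaches
# 8 bits of entropy per byte; text documents are usually around 4-5 bits.
HIGH_ENTROPY_BITS = 7.5
MIN_SIZE_BYTES = 256  # tiny files give noisy entropy estimates, so skip them


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty or single-valued data)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((c / total) * math.log2(c / total) for c in Counter(data).values())


def scan_directory(root) -> dict:
    """Read every regular file under root and flag the ones that look encrypted.

    Returns a report with the number of files scanned, the flagged paths
    (relative to root) and the share of scanned files that were flagged."""
    flagged = []
    scanned = 0
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file():
            continue
        data = path.read_bytes()
        if len(data) < MIN_SIZE_BYTES:
            continue
        scanned += 1
        if shannon_entropy(data) >= HIGH_ENTROPY_BITS:
            flagged.append(str(path.relative_to(root)))
    ratio = len(flagged) / scanned if scanned else 0.0
    return {"scanned": scanned, "flagged": flagged, "ratio": ratio}


def looks_like_mass_encryption(report: dict, threshold: float = 0.3) -> bool:
    """True when a large share of the scanned files is high-entropy.

    A single archive or JPEG will also score high, so the decision is made on
    the ratio across a folder, not on any one file."""
    return report["scanned"] > 0 and report["ratio"] >= threshold


def build_sample_corpus(root) -> None:
    """Constructed sample data: six plain-text reports plus four files
    overwritten with random bytes, standing in for encrypted documents.
    The `.locked` suffix is invented for the example, not a known indicator."""
    root = Path(root)
    text = ("Quarterly report: revenue up, costs flat, headcount unchanged.\n" * 40).encode()
    for i in range(6):
        (root / f"report-{i}.txt").write_bytes(text)
    for i in range(4):
        (root / f"invoice-{i}.docx.locked").write_bytes(os.urandom(8192))


def demo_scan() -> dict:
    """Build the constructed sample in a temporary folder and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_corpus(tmp)
        return scan_directory(tmp)


if __name__ == "__main__":
    result = demo_scan()
    print(f"scanned {result['scanned']} files, flagged {len(result['flagged'])}:")
    for name in result["flagged"]:
        print("  ", name)
    print("mass encryption suspected:", looks_like_mass_encryption(result))
```

Point `scan_directory` at a user's Documents folder on a machine that has already been isolated from the network, and a sudden jump in the flagged ratio compared with a known-good baseline is worth that call for help; legitimate high-entropy files (ZIP archives, photos, PDFs with embedded images) are the expected false positives, which is why the check looks at the share of files rather than at individual ones.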
And that’s a wrap for this week!
Talk to you again soon!
Security Awareness Training Goes Virtual
Thanks to COVID-19, lots of things are going virtual, and that includes my employee Security Awareness Training. I've set up a small studio in our conference room (nobody there but me) so I can provide live training (almost) just like before! You can see me wave my hands and make faces while a wall of fascinating facts and practical tips slideshow across your screens, wherever you and your employees may be.
Contact me to schedule your employee training sessions. They're fun! ☺