The Human Aspect of Ransomware

The Human Aspect of Ransomware

You may have read or heard about cities in Florida and Baltimore being hit with ransomware that essentially stopped them from providing services. Ransomware, a form of malware, is a plague to businesses worldwide. It locks your data away in a secured (Encrypted) format that denies you any way to access or use it.

Ransomware can encrypt every file on a computer- essentially rendering it useless. For an individual, this is bad. For a city, business, or hospital, it could halt much needed services and aid, putting individuals in immediate danger.

Ransomware generally spreads via chance. It’s not picky and will strike whenever invited.  Why do I say invited? Today’s ransomware mostly comes in the form of an email attachment. This is the human aspect of ransomware.   Someone has to actually choose to open the email and also choose to open the infected attachment, in order for it to attack a system.

The act of opening an email and clicking on an unknown attachment – it is that simple. Ransomware then loads in the background and begins encrypting all of the data it can reach. When you open the infected attachment, it is not just the ransomware that loads, additional malicious applications get installed. These other apps call back to the owner of the ransomware to notify them of their newest victim and to report whatever information they find.

Ransomware is an epidemic because people are still opening questionable emails and clicking on unknown links in large quantities. It’s not a new concept and has been around for years now. The problem is that average people, even employees, are still opening and clicking.

How do we solve this? How do we educate users? Visual examples are the best form. Impacted people and organizations should share what these dangerous emails and attachments look like. The examples could be formatted to show why the email was risky and how the person could have evaluated it.     Educating the public with real life examples goes a long way toward reducing infections from ransomware.

Let’s say you are hit by ransomware – how do you limit it?   First, do not log into your local PC or work computers as a local administrator. Use a normal user account for daily work. Second, ensure that your local backups (whether usb drive or cloud backup) are not connected when you open email or use the Internet in general. If data is not accessible when you are infected, the encryption will be limited.

Businesses, cities, and other larger entities have more concerns. When ransomware hits a computer connected to a network, the ransomware will spread as far as it can. This means that organizations with computer networks need to do the same thing users at home should do. Make sure employees are not using admin accounts for work, using a normal user account instead. Check that your backups are not directly connected and have anti malware running. The last suggestion is more advanced in nature but not hard to do today – this is segmentation. If you physically segment your business networks, the infection can only spread so far. Isolating critical pieces of business on their own segments is a huge help.

People are the primary solution to ransomware. It’s people, no matter their role, that will stop the spread of ransomware. Read about the last few attacks to learn how each organization was impacted. Determine what they did to limit or avoid infection versus letting it spread all over. Educate people to be cautious with email and talk to your IT teams to ensure they know how to limit ransomware or stop it when it comes knocking at your door.

About Automated Systems, Inc.

Since 1981, Automated Systems, Inc. has been a leader in providing innovative core banking, digital banking, and data processing solutions to community banks nationwide.  An array of integrated applications provide partnered banks with tailored, cost-effective, competitive choices.  ASI delivers industry-leading technology backed by unparalleled in-house conversion, training and support teams; paving the way for progressive, top-notch customer service.  ASI corporate headquarters are located at 1201 Libra Drive, Lincoln, NE 68512, 1.800.279.7312.  For more information about banking solutions from ASI, visit www.asiweb.com .

About Insite Data Services

IDS data application hosting services combines secure and cost-effective core banking applications, enterprise-class servers and storage, and proven virtualization technology.  IDS hosts all of the bank’s servers in secure data centers that use state of the art security systems including identity verification and biometric scanning.  Insite Data Services also offers IDS On-Time, a full-service solution dedicated to back-office bank processing.  These operations experts allow partnered banks to focus on their most important asset, their customers.  For more information visit www.insitedataservices.com.

About The Author

Don Pecha
Don Pecha
Don Pecha is the Information Security Officer at Insite Data Services, our solution that offers service hosting and back office processing. He is involved with our Security and Information teams.

No Comments

Leave a Reply