Of course everyone knows that hacking into a computer is a federal crime, and infecting a system with ransomware already falls into that bucket. However, California’s SB-1137, signed into law last Tuesday by Governor Jerry Brown, is the first law that specifically expands extortion statutes to cover ransomware.
The bill’s support in the California Senate was helped by testimony from Hollywood Presbyterian Medical Center, where operations were largely shut down by a ransomware infection. The attackers sent the decryption code after the hospital paid $17,000 in Bitcoin.
Though it has existed for at least 10 years, ransomware has skyrocketed since September 2013 with CryptoLocker. Europol declared Wednesday that it is the internet’s “most prominent malware threat.” The FBI has issued multiple warnings to American businesses. Prevention requires a multi-layered approach.
Here Are 8 Things To Do About It (apart from having weapons-grade backup)
- From here on out with any ransomware infection, wipe the machine and re-image from bare metal
- If you have no Secure Email Gateway (SEG), get one that does URL filtering and make sure it's tuned correctly
- Make sure your endpoints are patched religiously, both the OS and third-party apps
- Make sure your endpoints and web gateway have next-gen security layers that update frequently (every few hours or faster)
- Identify users that handle sensitive information and enforce some form of higher-trust authentication (like 2FA)
- Review your internal security policies and procedures, especially those covering financial transactions, to prevent CEO fraud
- Check your firewall configuration (egress rules included) and make sure no criminal network traffic is allowed out
- Deploy new-school security awareness training, which includes social engineering via multiple channels, not just email
Since phishing has become the #1 malware infection vector and attacks get through your filters too often, effective security awareness training for your users, including frequent simulated phishing attacks, is a must.
KnowBe4's integrated training and phishing platform lets you send simulated phishing emails with macro-enabled Word documents attached, so you can see which users open the attachment and then enable macros!
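As an added example (not code from the original post or from KnowBe4), the check below is what a Secure Email Gateway or mail-processing script can run over Word attachments: it looks inside the OOXML zip container for the two indicators of a macro-enabled document, the word/vbaProject.bin part and the macroEnabled content type, and flags a mismatch when such indicators appear in a file named .docx. The sample documents are constructed in memory and the function names are mine.

```python
import io
import zipfile

# Content type a macro-enabled Word document (.docm) declares for its main part
MACRO_ENABLED_CT = "application/vnd.ms-word.document.macroEnabled.main+xml"
PLAIN_DOCX_CT = "application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"
VBA_PART = "word/vbaProject.bin"  # where an OOXML Word file stores its VBA project


def build_sample_doc(with_macros: bool) -> bytes:
    """Construct a minimal OOXML container for testing (constructed sample, not a real document)."""
    main_ct = MACRO_ENABLED_CT if with_macros else PLAIN_DOCX_CT
    types = ['<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">',
             f'<Override PartName="/word/document.xml" ContentType="{main_ct}"/>']
    if with_macros:
        types.append('<Override PartName="/word/vbaProject.bin" ContentType="application/vnd.ms-office.vbaProject"/>')
    types.append("</Types>")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "".join(types))
        z.writestr("word/document.xml", "<w:document/>")
        if with_macros:
            z.writestr(VBA_PART, b"\xd0\xcf\x11\xe0" + b"\x00" * 16)  # OLE header stand-in
    return buf.getvalue()


def macro_findings(filename: str, data: bytes) -> list[str]:
    """Return reasons to flag an attachment as macro-enabled; an empty list means no macro indicators."""
    findings: list[str] = []
    if not data.startswith(b"PK"):
        return findings  # not a zip-based OOXML file; legacy .doc (OLE) needs a different parser
    try:
        z = zipfile.ZipFile(io.BytesIO(data))
        names = set(z.namelist())
        content_types = z.read("[Content_Types].xml").decode("utf-8", "replace") if "[Content_Types].xml" in names else ""
    except zipfile.BadZipFile:
        return ["malformed zip container"]
    if VBA_PART in names:
        findings.append("contains word/vbaProject.bin (embedded VBA project)")
    if MACRO_ENABLED_CT in content_types:
        findings.append("main part declares macroEnabled content type")
    # Macro indicators inside a file named .docx deserve their own flag: the name hides what the content is
    if findings and filename.lower().endswith(".docx"):
        findings.append("macro indicators in a file named .docx (extension mismatch)")
    return findings
```

A gateway rule can quarantine or strip any attachment for which macro_findings returns a non-empty list, and the mismatch flag is a useful signal on its own.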
See it for yourself and get a live, one-on-one demo.
PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser: