Ransomware Attacks Rose Rapidly in 2017: Here’s How You Can Protect Your Data

Unless you avoided reading or listening to the news last year (and with everything going on in the world who can blame you), you no doubt heard reports of ransomware attack after ransomware attack occurring in 2017. This type of hacking issue, where cybercriminals break into individual or company systems and hold data for ransom, is rife right now, and according to one report, actually increased almost ten-fold last year.

As such, no matter which industry you work in, and whether you’re an entrepreneur, freelancer, contractor, or employee, it’s imperative to keep all your important information safe from prying eyes, and to avoid the downtime that results when it is held captive. Read on for some steps you can take to avoid a ransomware attack this coming year.

Install Security Software and Firewalls

First off, one of the simplest things you can do to protect your data is to install top-quality security software on all the devices you use. There are many different products on the market these days, and while there are certainly numerous free versions available, it’s best to opt for maximum security software that will protect your gadgets from all types of digital threats, not just some.
Security programs will stop your networks and computers from being infected with malicious code that enables hackers to get access to your data, and they’ll work to protect your privacy when you are online, shopping or browsing sites where you might enter sensitive details, which could in turn be used to break into your systems.
Firewalls are another line of defense well worth implementing, as they help to stop cybercriminals from breaking in via an internet connection. As above, you can buy a third-party product online or in a department store, I.T. shop, and the like, but it also pays to check your computers to see if they already have something pre-installed on them. Many do these days, as part of their manufacturing process. However, note that these firewalls may not be activated automatically, so double check the settings on your device to ensure your version is doing its job.

Use Proper Passwords

Next, don’t forget to always use hard-to-guess passwords on your devices. This includes not just computers, but also your Wi-Fi router and any smart-home products you have in your property. You should also use comprehensive codes on the various websites and other types of portals where you log in to store or access personal information.


Good passwords are always a minimum of eight characters long (the longer the better, usually, because this makes them harder to crack), and are made up of a mixture of upper and lower-case letters, plus numbers, and symbols. Also, be careful not to use any identifying names or numbers in your codes which hackers could guess from checking out your information online. This includes things you could post on your website or social media pages, such as birth dates, addresses, pet or family names, and lucky numbers.
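
The rules above can be checked mechanically. The following Python sketch is an added example, not part of the original article; the function name `password_problems` and the sample personal details are constructed for illustration.

```python
import re

# Undo common character swaps so "R0ver" is still recognised as "rover".
LEET = str.maketrans("01345@$7!", "oleasasti")

# Character classes the article asks for in every password.
REQUIRED = {
    "upper-case letter": r"[A-Z]",
    "lower-case letter": r"[a-z]",
    "number": r"[0-9]",
    "symbol": r"[^A-Za-z0-9]",
}

def password_problems(password, personal_details=()):
    """Return a list of reasons the password breaks the rules above."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    for name, pattern in REQUIRED.items():
        if not re.search(pattern, password):
            problems.append(f"no {name}")

    plain = password.lower()
    unleet = plain.translate(LEET)
    for detail in personal_details:
        # Words of 3+ letters and digit runs of 2+ (years, house numbers).
        for token in re.findall(r"[A-Za-z]{3,}|\d{2,}", detail):
            needle = token.lower()
            # Names are also searched with substitutions undone; numbers are
            # not, because undoing substitutions turns digits into letters.
            haystacks = (plain,) if needle.isdigit() else (plain, unleet)
            msg = f"contains personal detail '{needle}'"
            if any(needle in h for h in haystacks) and msg not in problems:
                problems.append(msg)
    return problems

if __name__ == "__main__":
    # Constructed sample data: a pet name and a birth date posted online.
    details = ["Rover", "1984-07-21"]
    for candidate in ["summer", "R0ver2015!", "Tr4il-Mix&Kayak"]:
        print(candidate, "->", password_problems(candidate, details) or "ok")
```

Short digit runs such as a two-digit day of the month are matched as well, so the check errs on the side of flagging a password.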

Be Wary of Suspicious Emails, Links and Attachments

Another key step is to be aware that hackers tend to regularly gain access to systems by way of malicious code they implant in emails, links, and attachments. Often you will open or click on something, not realizing that in doing so, you’re making it easy for cybercriminals to run code surreptitiously on your machine that will crawl through looking for information and taking note of keystrokes.
As such, to stay safe you should never open emails or attachments from people you don’t know, and be on the lookout for messages which have been designed to look like they’re from a legitimate company you regularly deal with, such as a bank or telecommunications firm, but that are really sent out by a hacker. Be careful on social media sites too, particularly of clicking on links on ads or over-the-top headlines which are created specifically to attract more attention and get more clickthroughs.

Update Often

Lastly, remember to update your tech gadgets on a regular basis too. Install the latest versions of not just your security software programs and firewalls, but also the operating system you use, the browsers, apps and plug-ins on your computers, and your passwords (generally around every two to three months works best here).
It is wise to set up programs to automatically update when a new version has been released. However, if you really don’t want to do this, or if you run some kind of software which doesn’t have this feature, make sure you post regular reminders in your calendar or diary to check for and arrange manual updates.

Jackie is a content coordinator and contributor who creates quality articles for topics like technology, business, home life, and education. She studied business management and is continually building positive relationships with other publishers and the internet community.

Four Questions For: Tod Beardsley

Why do you believe it is important to have open source security software? Wouldn’t that make it easier for hackers to crack the code?
Yes, and this is a good thing! Open source is especially important for core security functions precisely because everyone can take a look at how the security is actually implemented. Hackers, researchers, academics, tinkerers — when everyone can see how security works, everyone wins. People can learn from both good implementations and bad, vulnerabilities can be discovered and disclosed before and while bad actors are exploiting them, and ultimately, open source can help promote a clear, concise, maintainable code base.
What are some easy security protections for companies to implement, especially companies that have never dipped their toes in any kind of security investment?
Companies who are new to the software distribution game should look to assembling, rather than inventing, their own software. Using standard libraries and frameworks can solve many “old” and “easy” computer security problems before they come up. While there are occasional cross-library vulnerabilities, the path of writing one’s own control software opens up a Pandora’s Box of unsanitized input and buffer overflows. Modern application frameworks tend to do a pretty good job at helping developers avoid 99 out of 100 “gotchas” in secure design.
With ransomware crime on the rise, how can everyday citizens protect themselves against being “held hostage?”
The security industry, as well as regular IT industry, has been advocating reliable backups for decades in the context of sudden and unpredictable disaster. A silver lining to the ransomware threat is that it helps promote the idea of backups in the face of malicious, rather than merely accidental, disaster. My hope is that ransomware is the emotional kick that people need to actually take backups and distributed data storage seriously.
What do you predict will be the next major issues in cybersecurity? What industries or devices are particularly vulnerable?
Distributed, malicious computing using a network of popular but insecure IoT devices seems practically inevitable; in particular, the massive install base of small office / home office (SOHO) routers. The problem with a router-hosted botnet is that these devices often don’t have a reasonable patch pipeline, so such infections can last a long time — potentially much longer than standard desktop and server malware.
We saw a hint of this in the “HackCensus” of 2012, where an unknown person temporarily took control of hundreds of thousands of insecure home routers to conduct mass portscanning. While the Carna botnet seems to have been short-lived, it’s only a matter of time before this large, installed base of ready-to-pwn devices gets marshaled into malicious computing again.
Tod Beardsley
Tod Beardsley is the Principal Security Research Manager at Rapid7. He has over 20 years of hands-on security knowledge and experience, reaching back to the halcyon days of 2400 baud textfile BBSes and in-band telephony switching. Since then, he has held IT ops and IT security positions in large footprint organizations such as 3Com, Dell and Westinghouse, as both an offensive and defensive practitioner. Today, Beardsley often speaks at security and developer conferences on open source security software development, managing the human “Layer 8” component of security and software, and reasonable vulnerability disclosure handling. He can be contacted via the many addresses listed at https://keybase.io/todb.

Four Questions For: Ben Rothke

What do you consider to be the biggest challenges facing cybersecurity today?
Some of the challenges are: not enough information security staff.  This is compounded in part by firms being unwilling to pay information security professionals market rates.
Solutions are being rolled out before adequate security review.  Think IoT.
Complexity of systems combined with interconnectivity of many systems leads to myriad avenues for attack. Remember, an attacker only has to find one opening. The owner of the system has to protect every opening.
Will hackers eventually shut down hospitals, break into our medical devices and inflict physical harm on people?
Eventually? Actually, this is old news. In the last few months Hollywood, CA Presbyterian Medical Center paid $17,000 in bitcoin to ransomware hackers, MedStar Health reported malware had caused a shutdown of some systems at its hospitals in Baltimore, and Methodist Hospital and Prime Healthcare both had phishing-based ransomware attacks. There are many reasons why hospitals are the perfect targets for ransomware and other types of attacks. Hospitals have long built applications with an emphasis on speed and availability, as opposed to security. That makes sense, as an emergency room physician shouldn’t have to search for their SecurID token to use the defibrillator. The downside to that is the easy access approach to defibrillators often translates into easy access to master patient databases. For a large medical center, that means that millions of records are at risk due to lax information security controls.
Balancing ease of use and strong security controls is a challenge, but acutely so in the medical field.
As to medical devices, some of the manufacturers thought their information security people were as smart as their pharmaceutical engineers. The reality was at times not like that and medical devices were produced without effective security controls.
The following horror story is not atypical: when I was at British Telecom Professional Services, we had proposed a large project to assist a cardiac device manufacturer with their product. Bruce Schneier was with BT at the time and was on a speaking tour of Europe. We arranged that Bruce would stop there and give them an hour-long briefing on the importance of medical device security. They completely misunderstood his message and thought they could do it on their own.
Considering all of the hacks into our governments’ and political organizations’ servers, how likely is it that we will see our voting systems successfully hacked?
I wrote a piece in 2001 titled: Don’t Stop The Handcount; A Few Problems With Internet Voting.
The same problems that existed then exist now. Considering we can’t keep guns and drugs out of maximum security prisons, it’s ridiculous to think the US Government could deploy a voting system that isn’t highly vulnerable to attack.
It is actually a difficult task to create a voting system to support hundreds of millions of users, in tens of thousands of physical locations, managed by people who often have little to no technical background. It’s not that a tamper resistant voting system can’t be developed. It’s just that we won’t see it for at least a decade.
What is there to be positive about (in regards to cybersecurity) in the face of security threats, cyber warfare and government hacks?
In the past, security was all about fear, uncertainty and doubt.  Now, hardly a day goes by without a story in the Wall Street Journal or Financial Times about information security. That makes the job of selling security much easier.
Many more universities are offering computer security training for computer science graduates, so the pool of those with computer security training is much greater.
Security awareness is also required for standards and requirements like ISO/IEC 27001 and PCI DSS, so the trickledown effect means that the information security awareness level is going up for the rank and file employees.
Ben Rothke, CISSP, PCI QSA is a Principal Security Consultant with Nettitude, Ltd.  He has over 15 years of industry experience in information systems security and privacy.
His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, design & implementation of systems security, encryption, cryptography and security policy development, with a specialization in the financial services and aviation sectors.
Ben is the author of Computer Security – 20 Things Every Employee Should Know (McGraw-Hill), and is also a frequent speaker at industry conferences, such as RSA and MISTI.
Twitter: https://twitter.com/benrothke
Blog: https://www.rsaconference.com/blogs?category=security-reading-room

Ransomware is on the rise, oddly

When cybercriminals hit a wall on one type of attack they try another and another until they eventually find a hole and get through. Rarely do they pack up their bags and go home, unfortunately for us. And so different kinds of malware come and go depending on where attackers are having the most success.

According to the latest threat report from McAfee, malware developers have turned their attention to “ransomware.” This kind of malware holds part or all of a victim’s computer or data hostage. The malware encrypts data or the entire computer and then, using anonymous payment methods, demands money to restore it. The scam is nothing new, according to McAfee. One of the first Trojans seen on the PC, the AIDS-Trojan in 1989, worked exactly this way, but for many years such attacks were rare. Now they have become more common. In fact they are on the rise and this quarter McAfee reports that it saw ransomware at its busiest ever. The number of new ransomware threats increased to more than 120,000 during the second quarter, almost double the number of threats from the first quarter.

This is particularly discomforting as one would think Internet users (and McAfee customers) would be aware by now that you should not give in to demands for money by anonymous sources on the web. Are companies or individuals really giving up money without a guarantee of getting an unlock code in return?  McAfee does not report how successful these attacks are, only that they are on the rise. But as noted earlier, cybercriminals wouldn’t be bothering with these kinds of attacks if they weren’t having some success.

Ransomware is particularly problematic, says McAfee, because the damage is instant and commonly a machine is rendered completely unusable. So not only is the victim’s data destroyed, but some of the victim’s money is also gone if he or she attempts to pay the attacker’s ransom. The situation can be much worse in an enterprise if the malware encrypts all the data that a victim has write-access to on a corporate network.

McAfee’s answer? Back up your systems on a regular basis and consider using access protection rules in your security products. The problem with access protection is that it is only helpful when the attack is a known attack. Most malware today is not on any list of bad software; it is disguised as something a user would recognize as good. Remember the email sent to the RSA employee in HR, with the subject line and attachment “2011 Recruitment Plan”? The employee opened the attachment and unwittingly unleashed one of the most successful attacks in corporate history.

The approach that traditional security products take, trying to look for all the bad things in the world and attempting to stop them, doesn’t work anymore. It’s time to think differently about protecting corporate assets. And McAfee’s threat report, while interesting, does not offer a solution to this problem.

Question of the week

How is it that ransomware threats are still successful?