Pub. 10 2015-2016 Issue 6

March/April 2016 21 Extraordinary Service for Extraordinary Members. Leticia Saiid is a Security+ certified tandem software support specialist for CoNetrix. tandem is a security and compliance software suite designed to help financial institutions develop their Information Security Programand test their employees’ knowledge with tandem Phishing. To learn more about how CoNetrix can help you with these areas, visit www. CoNetrix.com or email info@CoNetrix.com . Ransomware Hits Home Leticia Saiid, Security+, CoNetrix TECH TALK A RE YOU FAMILIAR WITH THE typical ransommovie? The bad guy steals a kid or a wife and demands money in exchange for their safe return. Requests often come in the formof magazine clippings. Perhaps you’re more familiar with the ever-classic bank hold-up; the bad guy wants money in exchange for the safety of hostages who happen to still actually go into a bank. Times are changing. Ransomdoesn’t work the way it used to. You can’t see the bad guy headed toward you from the window. So, what is ransomware? It’s genius really. A ransomware attack is admin- istered through social engineering. You are enticed to open an email, click a link, or click a pop-up. When you do, you are the lucky winner of a ransomware virus! Now the hacker has control of your de- vice. This can be any device: a tablet, cell phone, desktop, or laptop. And if you’re on a network, the landscape for destruc- tion is even greater. An advanced hacker can gain control of your entire network. What happens next depends on the cre- ativity of the hacker. Some simply lock down your systemand demand payment to restore it. Others apply more fright- ening threats, like deleting your data if you don’t pay promptly. Others are more maniacal and display embarrass- ing content on your machine, such as pornography, until you pay. They won’t ask for too much money, just enough that you would pay it to avoid the hassle of a proper investigation. In the great city of Lubbock, Texas, where CoNetrix is headquartered, a local business just experienced their first ransomware assault. The small print shop started noticing suspicious emails over a period of several weeks. One employee eventually opened the contents of a suspicious email. Within seconds, all systems were locked and a ransom message displayed. With all systems locked, business came to a halt, as it would for any company. The notice demanded 10 bitcoin, which is a little over $4,000. What would you do? Would you pay the ransom to get back to business? That’s what a hospital in Los Angeles did. They paid out $17,000 just to regain access to their network. Our local print shop, however, did not pay the ransom and had an IT professional restore their systems to backup. Now, I wouldn’t ever recommend paying the ransoms set out by ransom- ware. That just lets the hackers off the hook, giving them the opportunity to exploit the next company, or even to exploit you again. But it will cost you work and time to wait for an IT spe- cialist to recover your system. While you wait, notify the FBI as well as an information-sharing group, such as the Financial Services Information Sharing and Analysis Center (FS-ISAC), about the attack. Include details about what themessage looked like, who it appeared to come from, and what it did to your system. This will hopefully help others in the future. Proactively avoid the pains of ran- somware by educating employees about social engineering. Make sure they know to not click on things they are not expecting to see. Teach them to not open attachments or links in emails withwhich they are not familiar. To help reduce the time and cost of a successful ransomware attack maintain frequent backups. Having information backed up means you can turn off your machine, wipe the hard drive, and restore to the backup. Then you’re back in business. It’s not good for business to have to deal with a ransomware attack. And I bet you can imagine, it wouldn’t be fun for your personal systems either! Be suspicious. Be safe. 