ST. LOUIS – The latest ransomware attack at Lewis & Clark Community College is just one of several attacks around the area in recent months.
The Rockwood School District suffered a malware attack over the summer. In September, the Hazelwood School District had a “computer network security issue” after seeing unusual activity and shutting down the network.
Scott Schaffer with Blade Technologies says attack attempts are up but successful attacks are down. He says this is due to companies defenses and awareness getting better.
He explains ransomware is a malware that hijacks your computer system and decrypts all files on it. There is usually a fee required from the user to restore your computer to normal. Schaffer says you should never pay the ransom. He says paying can tell the attacker they can get away with extorting you, causing
This is how to prevent a ransomware attack:
1.Run regular backups and store them outside the network. Running regular weekly backups is a must for protecting important files on your computer. Backups can be your best bet when recovering from a ransomware attack–and the bad guys know this. One of the first thing a bad actor does is to locate the backups and encrypt or delete them, forcing you to work with the attacker.
2.Utilize an anti-virus software. Even a free anti-virus software can significantly reduce the chances of your computer being infected with malware. Setting your anti-virus to auto-update ensures that your software is updated with the latest malware library.
3.Do not visit shady websites. Visiting websites that may be sources of malware will put you at a higher risk of infection. Only visit legitimate websites, and avoid visiting sites with questionable reputations.
4.Do not install programs and apps from unknown sources. Make sure that you source installation files only from official download links. Avoid getting programs from third-party providers or file repositories as there is a risk that the file you download may be infected with ransomware.
5.Verify email senders. If you are unsure whether or not an email is legitimate, try to verify the email’s legitimacy by contacting the sender directly. Do not click on any links in the email. If possible, use a previous (legitimate) email to ensure the contact information you have for the sender is authentic before you contact them.
6.Avoid public Wi-Fi and other non-secured networks. Connections and data through an unsecured connection can be easily sniffed. As much as possible, only connect to a trusted network. Do not fall into the enticing traps of free Wi-Fi networks.
7. Train your organization. Organizations should ensure that they provide cybersecurity awareness training to their personnel. Ideally, organizations will have regular, mandatory cybersecurity awareness training sessions to ensure their personnel are informed about current cybersecurity threats and threat actor techniques. To improve workforce awareness, organizations can test their personnel with phishing assessments that simulate real-world phishing emails.
8. Keep up to date. Keep yourself informed about recent cybersecurity threats and up to date on ransomware techniques. You may also want to sign up for CISA product notifications, which will alert you when a new Alert, Analysis Report, Bulletin, Current Activity, or Tip has been published.
8. Have a plan. Test your plan quarterly and learn from your mistakes. See the free CISA MS-ISAC Ransomware Guide for guidance.
This is what to do if your computer is infected with Ransomware:
1.Disconnect all connections on your computer or laptop. If possible, temporarily turn off your network and Internet connections until everything is cleared. Disabling your connections will ensure that the malware does not spread through the computers in the system or get sent through the internet.
2.Change your password. Using a different device, change your account passwords and log them out. This will help control the damage brought on by the ransomware attack.
3.Inform the authorities. The next best thing to do is to inform your local authorities. Let them know of the attack, including your suspicions on where you got the malware. This will help authorities in their investigation. Government authorities also have a wider reach to disseminate important information.
4.Inform your friends, family, clients, and vendors. Letting the people close to you know that you are a victim of an attack will keep them alert. Tell them not to open any email attachments from you as the malware could have accessed your mail client and sent a malicious file through email.
5.Engage with an Incident Response provider. Use them to help and to recover your files and perform forensic analysis. This provider may be assigned to you by your insurance carrier if you carry cyberinsurance. If you engage with another third-party IR firm, alert your carrier.
6.Never negotiate with the hackers. This is one of the most important points for you to remember. Paying the hackers would only reward them for their acts. Also, you do not have the assurance that you will get your files back or that you will not be targeted in another attack. The main motivation for these attackers is money. The moment they realize that no one is paying them for their “hard work,” they will voluntarily quit.