A ransomware attack took down the Texas appellate court system, shutting down the entire case management system, blocking court offices from accessing the internet, and potentially encrypting or blocking access to other data as well.
This state court ransomware attack was one of three major attacks on Texas infrastructure in the past year alone. The Texas Department of Transportation was also hit just a few days after the courts’ systems were compromised, and over twenty Texas towns suffered a similar attack in late summer of 2019.
What is Ransomware?
Ransomware is what it sounds like: malware used to make ransom demands. This software exploits security holes and takes over computer systems and takes data hostage either by encryption or blocking user access until the user pays a demanded sum. Once it infects one computer, the ransomware can travel to other computers through the internet and cloud-based file sharing programs. That’s why cyber criminals will often target large organizations to take advantage of the network and infect as many computers as possible.
How to Avoid An Attack
Ransomware protection doesn’t need to be hi-tech. In fact, a lot of ransomware protection measures have few technical requirement. This list will help you get started as you develop your cybersecurity and ransomware protection habits.
Keep systems up to date
Your number one defense is making sure you keep your operating system and anti-virus security software updated to the latest version. Malicious actors tend to exploit weaknesses in your systems, and software providers, including providers of security software, put out security patches precisely to fix those security gaps as they find them. For instance, the WannaCry attack in 2017, which hit more than 200,000 computers, targeted machines that hadn’t installed the most recent Windows update; computers with the newest update were protected.
Be a cautious and savvy internet user
One way malicious actors attack computers is by getting users to click on a link or email attachment that triggers a ransomware infection download. In what’s called a phishing attack, they’ll email you from what looks like a legitimate organization, such as a business associate or vendor, and ask you to click on the link in the email to do something that seems normal, such as verify payment information, or register to take advantage of a discount. But as soon as you click, the malicious software download starts. The same can be true of popups online.
To avoid accidentally installing malware, avoid clicking on pop-ups online or links or attachments (even if it is a PDF attachment or other familiar file extension) from suspicious emails or emails from unfamiliar parties. Keep an eye out for typos and grammatical errors in the body of emails (which may indicate that they come from a bad actor). Verify that the domain name in the sending email is a valid company or website. Additionally, when a company reaches out asking for information, ignore the request and contact them independently to verify the source.
Think you can identify phishing attacks?
Use strong and varied passwords
Apart from phishing attacks, malicious actors sometimes engage in brute force password attacks, which basically involve trying as many passwords as possible to break into your system. According to research by one cybersecurity company, nearly a third of ransomware attacks are conducted using brute force techniques.
It may seem like too basic a step to be effective, but actually using a different, hard-to-remember and hard-to-guess password for each of your logins can be a very effective way to thwart these attacks. Try making your password a sentence or phrase rather than just a word, and check out password generators and password managers as options to keep your data safe.
Back up your data
Periodically back up your data on an external drive that you keep unplugged from your computer when you aren’t updating it to have an option to create a system restore point. If ransomware takes over your computer, you’ll need to disconnect your device from the internet and completely wipe the device. If you’ve backed everything up, you’ll be able to do a system restore and access most of your files!
Compartmentalize your organization
Ransomware spreads from one device to another over the internet and, within companies’ private servers, over file sharing services. To mitigate the effects of an attack, try and compartmentalize data: limit file access to those who absolutely need it. For particularly sensitive departments or roles, like accounting and CFO, you might even consider having two company computers one that’s used to access company accounts and banking information, and which is is on it’s on Virtual Local Area Network, or VLAN, (meaning it doesn’t communicate or share information with the rest of the company network) and another used for normal day-to-day work. This type of segmentation can help prevent ransomware from spreading from an infected computer to your entire network.