Recently, a virus known as “CryptoWall” infected the Dickson County Sheriff’s Office. The virus encrypted a large number of critical files on the department’s network, rendering them inaccessible. The hacker demanded a ransom of $572 to decrypt the files, which is what gives this kind of virus its nickname, “Ransomware.” The department chose to pay the ransom. Much worse was the case of the Hollywood Presbyterian Medical Center in Los Angeles, which elected to pay $17,000 in ransom to its hackers.
CryptoWall infections most often start when a user opens a link or attachment in a malicious email, or when they visit an infected website. The CryptoWall virus seeks out files on your computer’s filesystem and on any network drives to which your computer is attached, and then encrypts these files in a fashion that can only be reversed if you possess a special key.
Infections like CryptoWall happen daily and the results can be devastating. The ramifications are particularly severe for companies that must comply with HIPAA regulations: an infection like this constitutes a breach that must be reported to the Department of Health and Human Services.
Would your systems be able to prevent a cyber attack like CryptoWall? Cyber attacks happen because companies often do not follow a diligent, multi-step cyber attack prevention plan. It takes more than one or two preventative steps.
Here are the top reasons your network is not safe from an attack:
1. Lack of Culture around Cyber Security and Internet Safety
Cyber security and internet safety need to be part of the culture from the top down.
2. No Mail Filtering
Mail filtering happens before an email hits an inbox. It’s the first line of defense against malicious email.
3. No Web Filtering
Web filtering is one of the best ways to prevent a cyber attack. Effective web filters maintain dynamic lists of malicious websites, and will prevent people from accidentally opening them.
4. Poor Patch Management
Viruses like CryptoWall exploit security bugs in common software, such as Microsoft Office, Adobe Flash Player and the Java Virtual Machine. If you are not keeping your systems up to date, you are a target. You should consider a dedicated team to manage your systems and security.
5. No User Training
Ultimately, everything comes back to human beings’ actions online. Empowering people with knowledge is the best step you can take to improve the security of your networks.
6. Poorly Deployed Anti-Virus or No Anti-Virus
Anti-virus software is your last line of defense. If an infection is not caught until it reaches your anti-virus, it means all your other defenses have failed. Good anti-virus is essential, but it is NOT a complete solution.
7. Zero Disaster Recovery Plan
Last, but not least, your saving grace. Can you depend on your backups? When it comes to your Disaster Recovery plan, you should ask yourself one question: “Can I recover from a breach?” If your answer is not “Absolutely,” you need to rethink your strategy.