Protecting Yourself and Your Clients Against Ransomware November 2, 2017

Ransomware attacks are an increasing threat to the public. These attacks indiscriminately affect countless computers and can cause permanent loss of personal, organizational and client data every year. These attacks are responsible for billions of dollars in lost productivity, damaged reputation, and direct financial loss. Even the IRS has warned tax professionals that ransomware attacks are on the rise worldwide, and has launched a security awareness campaign called “Don’t take the Bait” to help tax professionals navigate these threats. You may be asking yourself, “what is a ransomware attack”? Or more importantly, “how do I protect myself, my organization, and my clients from them?

What is Ransomware?
Ransomware is malicious computer software or malware. Once malware has made its way into your computer it infiltrates itself into the operating system, blocking access to files. It can affect your spreadsheets, client tax returns and affect your ability to work. Over a series of days, your files, spreadsheets, photos and documents will be silently encrypted and you will lose access to them. Once the encryption process is complete your system will be locked up and a ransom notice displayed. The notice will give a bounty amount and a time frame to comply. You will have the option to either pay the bounty or risk losing your files forever. Most people don’t even know that they have been infected with ransomware until they are prompted with a ransom request. As financial professionals, we are not only obligated, but legally required to protect our client data. Therefore, these ransomware attacks pose a critical threat to our organizations and our clients.

How does a ransomware attack take place?
The most common methods for a ransomware to infiltrate your system is through email, a malicious download, or a compromised software package. The malware is commonly acquired by opening an email attachment, using a compromised USB memory stick, or downloading from a hacked website.  

Recommendations to stay safe and secure:

1. Email protection. Email and spam filters provide a base layer of protection by filtering potentially threating emails out of your inbox. Fine-tuning your email security settings with email authentication, email file scanning, and additional add-ins for security can add much needed additional protection. Check out Google’s Gmail and Microsoft’s Office 365 for great email hosting with built-in security.

2. Lock down email settings. Most programs like Microsoft Outlook, Word, and Excel offer extensions and security setting adjustments that can be used to mitigate the opportunities for malware infiltration. Check out this article from Trend Micro on how to enable encryption in Outlook.

3. Security software. Utilize up-to-date anti-malware and firewall protections for your network. Check out Trend Micro for superior system and network protection. It includes protection for email, operating system, and all your files.

4. Web Browser ad-blocking. Ad-blocking software can also be added to prevent a malicious site from being clicked by way of an ad banner. Check out Ghostery and Ad-Block Plus for fantastic tracking protection and advertisement blocking. These solutions work on all popular desktop browsers. These two extensions will help keep your browsing experience secure, anonymous, and ad-free.

5. Monitor file access. Rapid file overwriting is one of the key signs of ransomware attacks. Monitoring access to file servers can provide early detection to potential attacks, and allow you to place the computer hosting the attack into quarantine mode, potentially saving the rest of your network. Additionally, consider adding a business grade firewall to your network to monitor access to your network and systems.

6. Update. Always download the latest security patches and updates for your operating system, Internet browser, software, and hardware firmware. Check out this useful article from Carbonite on the different methods and techniques for keeping your system up-to-date.

7. Regular Backups. Keep your system and servers regularly backed up. Many ransomware attacks will access backup files and encrypt those as well, simply because they can be easily accessed through the server. Having multiple file backup sources and keeping those restore points current, testing them often is the best fail safe for any critical attack. Looking for an easy solution? Check out Crashplan and Carbonite for affordable and reliable cloud backup.