What is Ransomware?
Art+Logic’s Minimal Viable Podcast
So, what is ransomware and can we prevent it from hitting us? In the wake of the Colonial Pipeline attack, the impact of ransomware has become more obvious than ever to the general population. There’s heightened anxiety about being vulnerable to an attack and concerns have grown about how to react when it happens. In this podcast, I’ll speak with Jeff Stice-Hall, an expert in software security, about ransomware, Darkside, and how his child’s school responded to a ransomware attack.
If your organization is already covering the critical security hygiene topics above, some other important tactics include:
- Employ strong spam and malware filtering for all company/personal email accounts
- Aggressively update software versions where possible, as soon as possible, for all devices
- Employ antivirus/antimalware programs to regularly scan for known malicious software
- Filter network ingress/egress traffic using sound firewall and defense-in-depth techniques
- Limit the use of risky protocols, particularly remote access protocols like RDP and SSH
- Exercise caution and skepticism toward software downloaded from the Internet; scrutinize its source, the reputation of the software author, and “too good to be true” offers
- Avoid cracked or pirated copies of software, including cryptocurrency tools
- Review logs, warnings, alerts across critical systems regularly
- Monitor network traffic and endpoint devices for indicators of compromise or suspicious malware behaviors
- Isolate infected machines/systems from networking and other resources
- Turn off affected devices only after memory forensic snapshots are complete or determined to be impossible
- Secure backups; ensure they are not connected to affected systems and are offline from the affected network
- Contact authorities and seek external expert help
- CISA Cyber Hygiene Services (government and critical infrastructure businesses)
- CISA Ransomware Guide (Sept 2020)
- CISA Alert AA21-131A: DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
- FTC: On Guard Online; personal cybersecurity tips
- Microsoft: Protect your PC from Ransomware
Art+Logic has been designing and developing innovative custom software since 1991. We have built software for over 900 clients from a diverse set of industries including education, aerospace, music technology, consumer electronics, entertainment, financial services, and more. Coding the “impossible.”®
ABOUT DIGITAL MAELSTROM
Digital Maelstrom is a technology advisory firm that specializes in IT strategy through the innovative application of Custom Software Development, IT Operations, and IT Security proficiency and expertise.
A maelstrom, better known as a whirlpool, is our symbol of the stormy constant change in technology. Our team is the tranquil sage who guides the client on their path to accomplish well their business goals. The firm was founded in Kansas City back in 2006 to serve clients from coast to coast, small to large, and everyone in-between.