Security/Emergency Information

Ransomware strikes close to home

Posted on August 22, 2019

Photo credit: WFTV News

Today, the New York Times reported that “This has been the summer of crippling ransomware attacks” to all types of computer systems. Not only have 40 municipalities been struck — their data encrypted and a ransom demanded — but last week there was a report that another synagogue ransomware attack investigated by the FBI.

Cyber-hygiene. If you look closely at the screenshot above, you will see a pop-up from the anti-malware provider  Malwarebytes, stating that its database is out of date (Oops!). What should you be doing to ensure a good cyber-hygiene regimen? (see a longer article from Symantec here)? What can you do to protect your data?

  • Deploy an antivirus/anti-malware product. An up-to-date, real-time antivirus might stop a cyber-attack.
  • Backup. Make sure to back up your important documents and keep a backup set offsite (in case of fire, etc.). There’s no excuse. These days, cloud backups are free or low-cost and you can automatically sync documents to your cloud account.
  • Update, update,update. It’s a constant battle. Bad actors learn how to sneak into our systems to do bad things. Software providers constantly provide security patches designed to close the open doors that bad actors use. Update your operating systems (Window or Mac), browsers, remote management software, Adobe products, Microsoft products, firewalls — everything. True, updates sometimes cause problems, but not updating leads to worse problems.
  • Use a firewall.  Firewalls are the guards designed to protect your network from the internet. Whether you have a hardware or software firewall, it is critical that you keep it up to date.
  • Set strong passwords and use two-factor authentication. People still use easy-to-guess passwords like, “Welcome123”, fail to change default passwords, or use the same password for multiple sites. Check out password tips from Google here. Check out a good primer from PC Mag, Two-Factor Authentication: Who Has It and How to Set It Up.
  • Before you pay a ransom ask for help! Contact the DHS Cybersecurity and Infrastructure Security Agency (CISA), the FBI, or the Secret Service and work with an experienced advisor to help recover from a cyber attack. Victims of ransomware should report it immediately to CISA at www.us-cert.gov/report, a local FBI Field Office, or Secret Service Field Office.

Consider cyber-attack insurance. Cyber-attacks can be costly. Even if you are following all of the steps recommended above and have current backups of everything, you may still be attacked and getting back to business may be costly. A compromised computer or network will have to be restored. If there is a data breach and your members’ confidential data is compromised, other steps will have to be taken. Work with your insurance broker to determine what it would cost to recover from a cyber-attack versus the cost of the policy and do a cost-benefit analysis.

Note: Membership records. The synagogue was lucky, their membership data is stored in the cloud (e.g., Chaverware, ShulCloud). Most of the established synagogue management software stores data online, encrypts it and backs up its database. User agreements should specify that it is the vendor’s responsibility to protect your data and to be prepared to quickly restore it.

For more information visit the CISA Resource Page on Ransomware.

 

Alerts and information about security and emergency preparedness for Jewish organizations.
View all Security/Emergency Information posts