Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
The threat of ransomware is so great, the US and Canada issue joint security alert
#1
[Image: us_canada_security.jpg]
Malware is far from being a new problem, but the inexorable rise of ransomware has taken many by surprise. There have been a number of very high profile instances of ransomware such as PETYA, and the threat is perceived as being so high that the US and Canada have taken the unusual step of issuing a joint security alert.
The likes of TeslaCrypt 4 feature 'unbreakable encryption' and use scare-tactics to encourage victims to part with their money. This is what has prompted the joint alert from the US Department of Homeland Security and the Canadian Cyber Incident Response Centre which warns about "destructive ransomware variants such as Locky and Samas". Interestingly, the advisory actively discourages victims from bowing to ransom demands.

The advisory warns that "individuals or organizations are discouraged from paying the ransom, as this does not guarantee files will be released". However, it does recognise that "the authors of ransomware instill fear and panic into their victims, causing them to click on a link or pay a ransom". But this is said to be a bad idea as it could lead to additional malware infection, and could result in the theft of bank details and other data.
The focus is on prevention rather than cure, and US-CERT offers a number of tips aimed at both users and administrators:
  • Employ a data backup and recovery plan for all critical information. Perform and test regular backups to limit the impact of data or system loss and to expedite the recovery process. Ideally, this data should be kept on a separate device, and backups should be stored offline.
  • Use application whitelisting to help prevent malicious software and unapproved programs from running. Application whitelisting is one of the best security strategies as it allows only specified programs to run, while blocking all others, including malicious software.
  • Keep your operating system and software up-to-date with the latest patches. Vulnerable applications and operating systems are the target of most attacks. Ensuring these are patched with the latest updates greatly reduces the number of exploitable entry points available to an attacker.
  • Maintain up-to-date anti-virus software, and scan all software downloaded from the internet prior to executing.
  • Restrict users’ ability (permissions) to install and run unwanted software applications, and apply the principle of "Least Privilege" to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through the network.
  • Avoid enabling macros from email attachments. If a user opens the attachment and enables macros, embedded code will execute the malware on the machine. For enterprises or organizations, it may be best to block email messages with attachments from suspicious sources. For information on safely handling email attachments, see Recognizing and Avoiding Email Scams. Follow safe practices when browsing the Web. See Good Security Habits and Safeguarding Your Data for additional details.
  • Do not follow unsolicited Web links in emails. Refer to the US-CERT Security Tip on Avoiding Social Engineering and Phishing Attacks for more information.

source
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  TSMC Falls Victim to LockBit Ransomware Threat: Hackers Demand $70M mrtrout 0 2,071 06-30-2023 , 08:24 PM
Last Post: mrtrout
  Digital security giant Entrust breached by ransomware gang mrtrout 0 899 07-23-2022 , 12:02 AM
Last Post: mrtrout
  Firefox 98.0.2 fixes a crash on Windows, an add-ons issue, and more Mohammad.Poorya 0 1,764 03-23-2022 , 03:09 PM
Last Post: Mohammad.Poorya
  FBI's Email System Hacked to Send Out Fake Cyber Security Alert to Thousands mrtrout 0 714 11-16-2021 , 05:20 AM
Last Post: mrtrout
  Huawei Listed Anew as Threat to US National Security Bjyda 0 1,085 03-13-2021 , 09:46 PM
Last Post: Bjyda



Users browsing this thread: 1 Guest(s)