This Month Only! >> $20 off and a FREE SHRM tote with your membership and code TOTE2018!
Sign up for free email newsletters and get more SHRM content delivered to your inbox.
Is your employee handbook keeping up with the changing world of work? With SHRM's Employee Handbook Builder get peace of mind that your handbook is up-to-date.
Build competencies, establish credibility and advance your career—while earning PDCs—at SHRM Seminars in 12 cities across the U.S. this spring.
#SHRM18 will expand your perspective – on your organization, on your career, and on the way you approach HR. Join us in Chicago June 17-20, 2018
Members may download one copy of our sample forms and templates for your personal use within your organization. Please note that all such forms and policies should be reviewed by your legal counsel for compliance with applicable law, and should be modified to suit your organization’s culture, industry, and practices. Neither members nor non-members may reproduce such samples in any other way (e.g., to republish in a book or use for a commercial purpose) without SHRM’s permission. To request permission for specific items, click on the “reuse permissions” button on the page where you find the item.
Ransomware has become so prevalent that it has eclipsed all other forms of malware in terms of incidents. Criminals have set up call centers so victims can pay ransoms in digital currency called bitcoin, and cybercriminals are now providing one another with tech support to launch more attacks.
A type of virus that encrypts a user's files until money is paid, ransomware first reared its head in 2013. Cisco Systems, a tech company headquartered in San Jose, Calif., reports that while these attacks are most prevalent on employee laptops, ransomware is now targeting departmental file servers and other critical company infrastructure.
Sophos, a U.K.-based security company, reports that by the end of 2016, cybercriminals will have collected $1 billion in ransom payments.
But there are ways to combat what Andrew Mundell has called "the No. 1 payload of malware threats against desktops and mobile systems." Mundell, an enterprise sales engineer with Sophos, helmed the company's "Stop Ransomware in Its Tracks" webcast on Nov. 2.
Ransomware Popularity Grows
Ransomware keeps evolving, Mundell said, and criminals are perfecting ways to expand its use.
"There are a number of [ransomware] variants," Mundell said, adding, "We're seeing different variants created on a daily basis." Popular ones include Locky, Cryptolocker, Zepto, Cerber, CryptXXX and a host of others. Ransomware enters computer systems through e-mail attachments, compromised websites and even "malvertising," or fake ads containing malware.
Criminals are also changing the landscape by providing what Mundell called "malware as a service," in which they connect with one another, identify what kinds of attacks they want to launch and collaborate on how to proceed.
"The scary thing here is you don't have to have an advanced understanding of malware to be able to leverage these services," Mundell said. Some data thieves use "black market tools to easily create attacks that exploit known and unknown vulnerabilities."
Once they've infected users' computers, criminals turn to customer support systems they've created to secure payment in bitcoin, a type of digital currency that they can then exchange for dollars.
No business has been immune—not even hospitals. As SHRM Online reported in March, Hollywood Presbyterian Medical Center in Los Angeles had its systems infected with ransomware. Crooks demanded $17,000 to restore access to e-mail and electronic health records. That hospital paid the ransom. But while it mulled over what to do, Mundell said, "ambulances were diverted, electronic medical records disappeared, e-mail was unavailable, and the hospital had no access to X-rays or CT scan information."
[SHRM members-only resource: Computer, Email, and Internet Usage Policy]
Best Security Practices
Mundell listed nine best security practices companies can deploy now to protect themselves against ransomware. They include making sure:
Andrew Avanessian, vice president of technology at Avecto, a software security firm based in the United Kingdom, agreed with Mundell's last point. He told SHRM Online that "removing administrator privileges [is] an extremely easy and cost-effective way to block malware from accessing data." Avanessian added that application whitelisting and sandboxing are also effective. Whitelisting means setting systems to automatically block or disable any new [software] installations or modifications unless preapproved by the security team. Sandboxing means ensuring that the endpoints create a unique, temporary environment in which to host all external interactions, such as Internet browsing and the downloading of attachments. Was this article useful? SHRM offers thousands of tools, templates and other exclusive member benefits, including compliance updates, sample policies, HR expert advice, education discounts, a growing online member community and much more. Join/Renew Now and let SHRM help you work smarter.
You have successfully saved this page as a bookmark.
Please confirm that you want to proceed with deleting bookmark.
You have successfully removed bookmark.
Please log in as a SHRM member before saving bookmarks.
Please sign in as a SHRM member before saving bookmarks.
Please purchase a SHRM membership before saving bookmarks.
An error has occurred
Recommended for you
HR Education in a City Near You
SHRM’s HR Vendor Directory contains over 10,000 companies