With the detection of biggest online extortion cyber attack - the 'WannaCry Ransomware', the world has been forced yet again to rethink, reevaluate and restrategize their push for digital economy and transactions. Today in the times of technology, where even the simplest of tasks are dependent on the digital world, even a simple email that you forward to your friend can put you at the risk of such attacks. Ransomware attacks are a very serious cause of concern for general people students, consumers and companies alike. Apart from capturing the crucial and confidential private information at risk, such attacks also impact the digital economy and bank transactions that deal with our hard earned money.
To understand how you can keep your information and money safe in the digital world, you need to first understand what is the Wanna Cry Ransomware Cyber Attack All about. There is a lot of noise, rumours and speculations floating around with regards to it and it’s time someone de-cluttered the whole thing.
What is a ‘Ransomware’ attack?
The Cyber attacks involve malicious software that blocks access to valuable and confidential data assets and demand a ransom to release the same. The Hackers create a fake email address and get the victim to click on infected link or attachment while pretending to be a friend. The target of such attacks is mostly Health / Education / Social sector.
What can you do?
Every time, there is a major cyber attack, people feel scared, think about the possible implications of the same and then move on without actually shielding themselves from the future attacks. We assume that the responsibility of keeping our information and money safe lies with the companies or banks whose products we use. This is without a doubt very true, but is that enough when it comes to safeguarding yourself and your money. While companies, banks and keyboard warriors work day in and day out to keep you and your digital transactions safe, you can also help them by doing some simple thinks.
In this article, we shall be evaluating the same in simple and actionable points.
How to safeguard your information and money in the digital world?
Here are some quick tips to help you keep your confidential information and hard earned money safe from hackers and malwares:
- Do not click hyper links from un-known sources, and without establishing authenticity of link even from known sources.
- Prepare a up-to-date inventory of all the “Digital Assets” at various locations/facilities being used by the various functionaries of the organization.
- Make a trustworthy knowledgeable functionary (permanent Government employee) Administrator of the Digital Assets (ADA) of the organization at each location.
- Let ADA keep all software (especially the system software) up to date, including operating systems and applications.
- ADA has to ensure back-up of all digital content located in the digital assets under ADA jurisdiction every day, including information on employee devices, so ADA can restore encrypted data if attacked by ransomware.
- Back up all digital content to a secure, offsite secret location(s) within organization.
- Distribute Back-up : Divide the digital assets and distribute the back-up locations. Don't place all data on one back-up file and share it.
- ADA in collaboration with NIC officials, to train all the staff using the digital assets including mobile devices connected to network, on cyber security practices, emphasizing not opening attachments or links from unknown sources.
- Develop a communication channel and strategy to quickly inform all employees if a virus reaches the company network.
- If every bit of data of the organization is safeguarded and back-up is kept secretly, even if hackers attack and demand ransom, Govt can launch an investigation rather than making payment.
- Mandate security auditing by ICERT empanelled auditors for all the digital assets as per GoI policy.
- ADAs in collaboration with information security teams of ITE&C Dept and NIC to perform penetration testing to detect the vulnerabilities.
- Register all the devices and digital assets. Strictly avoid usage of un-registered and un-monitored devices.
- Adopt and use standard security and data privacy policies as per advisories from ITE&C Dept, NIC/ Govt of India.
- Ensure all devices and systems are protected well with latest firewalls and anti-virus systems.
How to Stop Ransomware Attack?
The Ransomware cyber attack may use the infected computers attached with the network where you are working on. So, removing the infected machines from the network will certainly prevent the malicious software from spreading more. Reporting the attack and registering all information pertaining to same will help the investigators, or ethical hackers in mitigating the attack. Appoint one authorised spokesperson if an attack is reported on your computer.
In an era of hi-tech resources and software, the internet has emerged as a platform where we conduct almost all our important works. We send confidential information, store sensitive data and make bank transactions using this platform. It’s is not only we but the banks, hospitals, educational institutes, and other government and private organisation also use the same. This, no doubt, will pose a threat to security and future of the victim. Therefore, the gravity of the loss shows us the importance of precautions which might help us keep safe or even escape from such cyber attacks in future.