Ransomware Hits the U.S. Congress: Are You Protected?


Cybercrime attacks do not have biases, preferences or limitations. On May 10th, 2016, various news media outlets reported that the United States Congress had been the latest target of ransomware, a certain type of cybercrime attack that executes malicious code and holds data hostage until a monetary demand is satisfied.

Details about the ransomware attack explained that it specifically targeted Members of the House of Representatives who use third-party email services provided by Internet giants such as Yahoo and Google. At one point, the risk poised to the House of Representatives network was so great that technicians blocked access to Yahoo Mail.

How Ransomware Works

Ransomware is typically malicious code executed without the knowledge of the victim; it typically infects a system via email, through viral propagation or within a Trojan horse. The most typical attack vector is a Web link within an email message.

Once the malicious code executes, it proceeds to encrypt all files within the system. Ransomware has been known to work on desktops and mobile devices; forensic studies of this cybercrime attack suggests that the perpetrators hide JavaScript within zip files that seem to be sent by trusted contacts. After the victim has been locked out of his or her data by means of encryption, the attacker delivers a ransom note demanding money in exchange for an encryption key.

Protecting Against Malware Attacks

protectIf there is anything to be learned from the ransomware attacks on the House of Representatives is that no system or network is impervious to cybercrime these days.

Business owners are particularly vulnerable to malware infections and attacks such as ransomware because hackers think that security budgets are tighter for smaller companies. Many small companies are not able to afford an in-house information technology expert and instead have an IT service provider managing their infrastructure.

The following steps can be taken by business owners and managed service providers (MSP) to protect network systems:

1. Never operate any computing device unless it has a reputable antivirus solution installed and up-to-date. A new option for business owners is to install a security suite, which features more than just a virus and malware scanner and can also protect mobile devices.

2. Employees should be trained on basic aspects of network security, particularly with regard to the use of third-party email, social networks and mobile apps. One important security topic involves being able to detect potential phishing attacks, which usually preclude other actions such as network breaches.

3. Create a culture of safety among staff members. Instead of restricting Web access, it may be better to install a browsing tool that provides information on the reputation and safety of websites visited. This security strategy pays off when employees take their mobile devices on the road and connect to unknown networks.

4. Choose a comprehensive backup and recovery strategy. With all the cloud and external storage options available these days, it is inconceivable for any business to lack a backup plan for the purpose of cybercrime mitigation and disaster recovery. Ransomware attacks, for example, can be easily handled when data has been safely backed up and synchronized in a secure location.

In the end, if the U.S. Congress can fall victim to cybercrime attacks such as ransomware, so can any American business. It is important to note that the House of Representative was targeted, but network security personnel were able to detect the threat and contain it in time.

Small business owners may not have the luxury of a full-time, dedicated IT staff that can apply security measures constantly. For this reason, it is vital for business owners to find alternatives as an MSP that follows the four measures listed above.