Security Corner: Ransomware in Shortcuts — How to Prevent an Attack

Sophos’ security blog highlights a new trend in ransomware: crooks trying to catch your users unaware by placing harmful scripts inside shortcuts. Shortcuts are harder to catch than other files because they can run code and hide their content from the user. At the risk of sounding like a broken record, please educate your employees about the harm these attacks can cause. Here are a few tips:

  • Use an anti-virus. This was the “easy” one, right? The problem with having a “set it and forget it” anti-virus (AV) solution is that someone has to watch for updates and ensure they’re applied. If you don’t have the latest AV definitions, your protection can be outdated, since new viruses and malware are released all the time.
  • Back up critical data. The challenge in backing up critical data is understanding what data is truly “critical” and what is not. Obviously, patient data ranks high on the critical scale, and HIPAA security audits go a long way in determining where that data resides. But what about work or files you can’t live without? These also need to be identified and backed up. If you’ve got a backup, you can just restore the files, and you should be good to go.
  • Educate your workforce. This is the tough one. Enforcing clean computing habits is a hard point to get across. This includes:
    • Not opening attachments from any unknown email address 
    • Understanding what a phishing email attempt looks like
    • Sticking to low-advertisement websites in an effort to cut down on Java exploits from ads

In order to help educate your workforce, here are a few links that describe how to protect yourself from phishing and social engineering attacks:

http://stopthinkconnect.org/tips-and-advice/overview/ 
http://www.onguardonline.gov/phishing
http://www.microsoft.com/security/online-privacy/phishing-symptoms.aspx
http://www.us-cert.gov/ncas/tips/ST04-014

Please contact us if you have any questions or would like further information on how Systeem can help prevent these types of attacks in your practice.