On November 10, 2016, the U.S. Federal Trade Commission (FTC) released new guidance for businesses and consumers on the impact of, and how to respond to ransomware. Ransomware is a form of malicious software that infiltrates computer systems or networks and uses tools like encryption to deny access or hold data hostage until the victim pays a ransom. Ransomware incidents have increased over the past year, including a number of high-profile attacks on health care organizations.
For businesses, the FTC released Ransomware – A closer look with a companion video Defend against Ransomware. A copy of both can be found here.
According to the FTC, if your business holds consumers’ sensitive information “you should be concerned about the threat of ransomware.” The FTC notes it can impose “serious economic costs on businesses because it can disrupt operations or even shut down a business entirely.”
In order to defend against ransomware attacks, the FTC recommends businesses invest in prevention through:
- Training and education: Implement education and awareness programs to train employees to exercise caution online and avoid phishing attacks.
- Cyber hygiene: Practice good security by implementing basic cyber hygiene principles (including updating software, and implementing new procedures for users).
- Backups: Backup data early and often.
- Planning: Plan for an attack. Develop and test incident response and business continuity plans.
For those businesses hit with a ransomware attack, the FTC recommends organizations take the following steps:
- Implement the continuity plan: Have a tested incident response and business continuity plan in place.
- Contact law enforcement: Immediately contact law enforcement, such as a local FBI field office, if an attack is discovered.
- Contain the attack: Keep ransomware from spreading to networked drives by disconnecting the infected device from the network.
For consumers, the FTC released How to defend against ransomware. A copy of this guidance can be found here. The FTC recommends consumers take the following steps to protect against ransomware:
- Update your software: Use anti-virus software and keep it up to date. Set your operating system, web browser and security software to update automatically, and on mobile devices do it manually.
- Think twice before clicking on links or downloading attachments or applications: You can get ransomware from visiting a compromised site or through malicious online ads.
- Back up files: Back up files whenever possible, and make it part of your routine.
If you are a victim of a ransomware attack, the FTC recommends:
- Disconnecting the infected devices from the network;
- Restoring the infected device where possible; and
- Contacting law enforcement.
If you or your organization becomes a victim of ransomware, or you are interested in developing a comprehensive prevention plan, Dentons’ Privacy and Cybersecurity Group is ready to help.