Tech Tips will be a regular feature on our blog, courtesy of IIANC Technology Consultant, George Robertson, CISR. George has more than 25 years of experience in the insurance and technology industries, 12 of them as a fellow independent agency owner.
Over the past few years, we have seen a rise in the number of ransomware attacks. It was reported that in 2017, ransomware was up 350%, with attackers obtaining billions of dollars from unsuspecting businesses and individuals. Recently, I received several calls from agencies asking how to protect themselves and their clients from a ransomware attack. There are two areas every agency should work on: prevention (keeping ransomware out in the first place) and protection (limiting the damage and being able to recover if it does get in).
Regular staff training on phishing emails and telephone social engineering is probably the best place to start. Phishing emails appear to come from a source your staff might recognize, such as a bank, shipping company, or other known entity. Each carries a call to action: the recipient is told to click the link provided because there is a problem with their bank account, a password needs to be reset, or their system has a virus. Once the link is clicked, malware is installed that encrypts the files on the computer, and often on any network drives it can reach, locking the owner out until the ransom is paid. Attackers usually demand payment in hard-to-trace cryptocurrency or gift cards.
Fake phone calls are another way attackers gain access to your systems. Many call your staff claiming to be from a major software company and saying a virus has been found on the machine, then offer to help keep hackers out. Most will ask the staff member to perform certain actions on the computer that in fact hand the caller remote access. Once the attacker is in, they encrypt the files and tell the staff member they must pay for the decryption key.
Every agency should train staff not to click any link without first checking that it is genuine: hover over the link to see where it really leads, and when in doubt go to the company's website directly rather than through the email. Never let a caller talk a staff member into doing anything on their computer without first checking with management or your IT service provider.
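Here is a small added example (not part of George's original tip) of the "check the link before you click" advice, written in Python. It reads the HTML of an email and flags links whose visible text names one website while the address actually points somewhere else, or that lead to a bare IP address or a non-https page. The email body is a made-up sample, and the examplebank.com and example.net names are placeholders.

```python
"""Flag suspicious links in an HTML email body (added example, constructed sample mail).

Two cheap checks that catch a large share of phishing mail:
  1. The visible link text names one website but the href points to another.
  2. The href host is a raw IP address, or the link is not https.
"""
from html.parser import HTMLParser
from urllib.parse import urlparse
import ipaddress
import re

# Constructed sample, not a real message. Domains are placeholders.
SAMPLE_EMAIL = """<p>Dear customer, unusual activity was detected on your account.</p>
<p>Please <a href="http://203.0.113.7/login">verify your account</a> now.</p>
<p>Or visit <a href="https://secure-bank-login.example.net/reset">www.examplebank.com</a>.</p>
<p>Questions? <a href="https://www.examplebank.com/help">www.examplebank.com/help</a></p>
"""


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> tag."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _site(host):
    """Crude site name: last two labels (examplebank.com). Not a public-suffix lookup."""
    parts = host.lower().strip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


# Matches link text that itself looks like a web address, e.g. www.examplebank.com/help
DOMAIN_RE = re.compile(r"^(?:https?://)?([A-Za-z0-9.-]+\.[A-Za-z]{2,})(?:[/?#].*)?$")


def check_link(href, text):
    """Return a list of reasons the link looks suspicious (empty list = nothing found)."""
    reasons = []
    parsed = urlparse(href)
    host = parsed.hostname or ""
    if parsed.scheme != "https":
        reasons.append(f"scheme is {parsed.scheme or 'missing'}, not https")
    try:
        ipaddress.ip_address(host)
        reasons.append("link points to a raw IP address")
    except ValueError:
        pass  # normal host name
    m = DOMAIN_RE.match(text)
    if m and host and _site(m.group(1)) != _site(host):
        reasons.append(f"text says {m.group(1)} but link goes to {host}")
    return reasons


def suspicious_links(html):
    """All links in the HTML that trip at least one check: [(href, text, reasons), ...]."""
    collector = _LinkCollector()
    collector.feed(html)
    results = []
    for href, text in collector.links:
        reasons = check_link(href, text)
        if reasons:
            results.append((href, text, reasons))
    return results


if __name__ == "__main__":
    for href, text, reasons in suspicious_links(SAMPLE_EMAIL):
        print(f"{text!r} -> {href}")
        for reason in reasons:
            print("   -", reason)
```

Run against the sample, it flags the first two links (raw IP and a mismatch between what the text says and where it goes) and passes the third, whose text and address agree. The "site" comparison is deliberately simple; a production filter would use a public-suffix list and look for look-alike spellings as well.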
There are two main steps for protecting your agency's systems against ransomware.
First, make sure every computer runs anti-malware software (which today includes anti-spyware). When installing it, confirm that it updates itself automatically, so every machine always has the latest definitions, and schedule each machine to run a scan at least once a day to verify it is free of malware.
Second, back up a full image of each computer. With a current image you can restore a system without paying the ransom. Be aware, though, that if the drive holding the image stays connected to the network, the ransomware may encrypt it along with everything else. Keep at least one or two image drives off the network: use removable drives, rotate them, and store at least one backup disconnected at all times. Test a restore from a backup every so often so you know the image is actually usable when you need it.
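To show what "know the backup is usable" can look like in practice, here is an added Python example (not from the original tip). At backup time it records a SHA-256 fingerprint of every image file in a manifest; before you trust a backup, it recomputes the fingerprints and reports any image that has gone missing or changed, which is what an encrypted backup copy looks like, and warns if the newest backup is older than an assumed seven-day policy. The "backup drive" here is a constructed temporary folder with random data, not real images.

```python
"""Verify a backup set against its manifest (added example, constructed sample data).

write_manifest(): run at backup time, records a SHA-256 hash for every file.
verify_backup():  run before trusting or restoring from the backup; a file that
                  no longer matches, or has vanished, is a sign the backup copy
                  itself was reached by ransomware. Also warns when the set is stale.
"""
import hashlib
import json
import os
import tempfile
import time

MAX_AGE_DAYS = 7  # assumed policy: a backup older than this is considered stale
MANIFEST = "manifest.json"


def sha256_file(path, chunk=1 << 20):
    """Hash a file in 1 MiB chunks so large disk images do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def write_manifest(root):
    """Hash every file under root (except the manifest itself) and record it."""
    entries = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            if name == MANIFEST:
                continue
            path = os.path.join(dirpath, name)
            entries[os.path.relpath(path, root)] = sha256_file(path)
    manifest = {"created": time.time(), "files": entries}
    with open(os.path.join(root, MANIFEST), "w") as f:
        json.dump(manifest, f)
    return manifest


def verify_backup(root, now=None):
    """Return (ok, problems). ok is True only if every file matches and the set is fresh."""
    now = time.time() if now is None else now
    with open(os.path.join(root, MANIFEST)) as f:
        manifest = json.load(f)
    problems = []
    for rel, expected in manifest["files"].items():
        path = os.path.join(root, rel)
        if not os.path.exists(path):
            problems.append(f"missing: {rel}")
        elif sha256_file(path) != expected:
            problems.append(f"hash mismatch (modified or encrypted): {rel}")
    age_days = (now - manifest["created"]) / 86400
    if age_days > MAX_AGE_DAYS:
        problems.append(f"stale: newest backup is {age_days:.0f} days old")
    return (not problems, problems)


def demo():
    """Build a toy backup set, overwrite one image as ransomware would, and verify each state."""
    with tempfile.TemporaryDirectory() as root:
        for name in ("ws01.img", "ws02.img"):  # constructed stand-ins for disk images
            with open(os.path.join(root, name), "wb") as f:
                f.write(os.urandom(4096))
        write_manifest(root)
        clean = verify_backup(root)
        # Simulate ransomware reaching a backup drive that was left on the network.
        with open(os.path.join(root, "ws02.img"), "wb") as f:
            f.write(b"encrypted by attacker")
        tampered = verify_backup(root)
        # Same set checked 30 days later: also reported as stale.
        stale = verify_backup(root, now=time.time() + 30 * 86400)
        return clean, tampered, stale


if __name__ == "__main__":
    for label, (ok, problems) in zip(("clean", "tampered", "stale"), demo()):
        print(label, "OK" if ok else "FAILED", problems)
```

Keep a copy of the manifest somewhere the backup drive cannot overwrite it, otherwise an attacker who encrypts the images can rewrite the manifest to match. A hash check confirms the image is intact, not that it boots; an actual test restore onto spare hardware is still the final proof.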
As ransomware increases, keep protecting your agency's systems and training your staff. Together, these steps give you the best chance of avoiding a ransomware attack, or of recovering from one without paying.