How to protect your information from ransomware attacks
A man uses a keyboard in this stock image (Pexels/Soumil Kumar)
TORONTO -- Last week's ransomware attack on the U.S. Colonial Pipeline has drawn attention to the importance of good cybersecurity, prompting cybersecurity experts to encourage Canadian individuals and businesses to brush up on their cyber hygiene.
Last Friday hackers used ransomware to get into the systems of the Colonial Pipeline, the largest fuel pipe in the U.S. Although the hackers didn’t directly affect operations, the pipeline was shut down for four days to minimize damage before continuing operations on Wednesday.
With this recent cyberattack, just how vulnerable are businesses and individuals from ransomware? CTVNews.ca spoke with Ali Dehghantanha, Canada Research Chair in Cybersecurity and Threat Intelligence, on ransomware attacks, how to protect your information, and what to do if you’re being threatened.
WHAT IS A RANSOMWARE ATTACK AND HOW LIKELY AM I TO BE TARGETED?
Ransomware is a type of malware that is intentionally designed to cause damage to a computer, server, or computer network, encrypting all the information on your device. Hackers use this technique to ask for ransom payments in order to decrypt the information on your system.
Dehghantanha, the director of U of Guelph’s Cyber Science Lab, says that a decade ago, hackers would mainly target individuals with ransomware attacks that averaged about $1,000 to $2,000. However with advancing technology, hackers have been able to target larger companies with million-dollar ransoms and a low risk of being caught.
Whether it’s a threat towards an individual or a company, Dehghantanha says that the chances of falling victim to a ransomware attack is high because not only is it inexpensive to develop ransomware, but the expertise to perform the attack is low, noting that second year computer science students have the skills to do this.
“You don’t need to be an organized cyber team or group. You don’t need to have much security, knowledge, or expertise to deliberate the target,” Dehghantanha told CTVNews.ca. “Most of these LAN servers are using the operating system, these encryption mechanisms, to encrypt the data… They don’t really need to do much to have access to the system.”
HOW CAN I PROTECT MYSELF FROM A RANSOMWARE ATTACK?
To protect your data, Dehghantanha suggests regularly backing up your information onto external devices, such as an external hard drive. He adds that digital assets should also be secured on an external device that isn’t directly connected to the internet.
For businesses, Dehghantanha says to minimize employee access to important files. Employees can unintentionally increase the data or run encryption tools, making the files easier to access by hackers.
Practicing good cyber hygiene is also important. This includes methods such as creating difficult passwords and changing them frequently, ensuring your system is up to date, and having two-factor authentication.
“You’re talking about those small things that will reduce your risk significantly,” he said. “Making sure that your systems are patched up and up to date, difficult to get passwords… It becomes more difficult for the attackers to get access to your confidential and private information.”
WHAT DO I DO IF I’VE BEEN THREATENED WITH A RANSOMWARE ATTACK?
Dehghantanha says if you’ve been impacted by ransomware, reach out to cybersecurity professionals or the police, who may be able to track and retrieve your information. He also suggests having professionals analyze your system to prevent this from happening again.
“Make sure to get the help of cyber security professionals to thoroughly analyze your system, making sure that you find out how the attack is getting into the machine and putting enough solutions on your environment so that it will not happen again,” he said. “I have seen many clients who have been impacted by similar events, so don’t become that kind of victim that hacking groups are coming to every quarter or every month asking for access.”