Beware Ransomware

By on Apr 13, 2016 in Technology

Last month, the Los Angshutterstock_161163632eles Department of Health Services became the latest victim in a string of ransomware demands hitting the healthcare industry. Though not as severe as the ransomware attack on Hollywood Presbyterian Medical Center earlier this year demanding $17,000 in bitcoin, Department officials were quick to act on the threat.

The Los Angeles Department of Health Services was able to contain the damage to five work computers thanks to preemptive security measures. Because employees have limited access to the department’s database, the ransomware attack was unable to spread.

When asked about the nature of the attack, Director of USC’s Center for Computer Systems Security Clifford Neuman explained, “Since this one affected only a few employees’ systems and does not appear to have spread further, it was likely one of these non-targeted pieces of malware.”

Exploiting Vulnerabilities

Non-targeted malware describes how attackers access a victim’s device. Whether the ransomware sneaks in through an email, an attachment or even a camouflaged link, once triggered, the result is a total lockdown of the infected device through encryption of the contents. Paying the ransom releases the data and returns control of the device to the victim.

Ransom prices can vary from small sums to thousands of dollars. Until recently, Apple devices and systems had not been widely affected, but news of ransomware malware lurking inside a recent update for Transmission highlighted vulnerabilities inherent in all online activities.

While in the past ransomware primarily struck individuals, in recent months attacks have kicked up a notch. The latest victims are large, data-rich institutions like hospitals and government services.

“Since the New Year, the healthcare industry has experienced an uptick in ransomware incidents,” county spokesman David Sommers told the LA times, reiterating that the county has “be successful in analyzing and mitigating this [most recent] threat.”

Protection and Preemptive Measures

Though the FBI advises victims capitulate to ransom demands, many security experts believe users can preemptively protect themselves by staying vigilant. They advise deleting suspicious emails and attachments, and paying close attention when clicking links and downloading software. Another option is to bookmark trusted sites. Also important: Stay up-to-date on software patches and system updates, and perform regular backups.

Once a malware attack is underway, users may still be able to lessen the damage by acting quickly. If you suspect your device has been compromised, immediately disconnect it from Wi-Fi and unplug it from the network. Pause any scheduled backups and perform a system restore from a clean source.

While ransomware attacks are still rare, your best defense is a good offense. Users of Yardi software systems have access to the most advanced software security measures in the industry. Fully SSAE 16 compliant, Yardi Cloud hosting provides guaranteed data recovery and security with around-the-clock monitoring of server operation.

Most importantly, Yardi is committed to keeping all cloud hosting and software systems safe and secure, while also being proactive about security threats.

[“We conduct] regular audits test penetration and vulnerability assessments with top-tier security vendors like Ambient, SecureWorks, and Sungard,” explains Jay Shobe, Vice President, Technology at Yardi. “These vendors do this all day every day, and we get validation that our environment is secure through these processes.”