The National Cybersecurity and Communications Integration Center (NCCIC) has announced an increase in ransomware attacks. A ransomware attack occurs when malicious software is used to deny access to a computer system until a ransom is paid. Ransomware can attack a computer through a phishing email or when an infected website is visited.
NCCIC has the following recommendations to protect against ransomware:
- Update software and operating systems with the latest patches.
- Never click on links or open attachments in unsolicited emails.
- Backup data on a regular basis. Keep it on a separate device and store it offline.
- Follow safe practices when browsing the Internet.
NCCIC also provides the following recommendations for businesses:
- Restrict users’ permissions to install and run software applications.
- Use application whitelisting to allow only approved programs to run on a network.
- Use strong spam filters to prevent phishing emails from reaching users and authenticate inbound email to prevent email spoofing.
- Scan all incoming and outgoing emails to detect threats.
- Configure firewalls to block access to known malicious IP addresses.
Employers should continuously monitor employees’ use of email and website and implement company-wide practices to prevent potential malware attacks.