Criminals do not have to be sophisticated to pull of a ransomware attack.
DES MOINES, Iowa (PRWEB) January 29, 2018
Sunday, Jan. 28, 2018, was International Data Privacy Day, an annual event coordinated by the National Cyber Security Alliance. Privacy, security and compliance expert Rebecca Herold wants consumers and business leaders to spend the week following taking a few simple steps to protect themselves from the growing threat of ransomware.
Ransomware, which victimizes individuals and businesses alike, is malicious software capable of stealing, and making inaccessible, data and files from computers, smartphones, servers and connected devices, such as smart thermostats, connected toys, voice assistants and other Internet of Things (IoT) gadgets. The criminals who deploy ransomware typically request money in exchange for the return of the stolen files. They keep the dollar amount low enough to tempt most victims into paying the fee. Often, however, victims will pay and not get their data back, or the crooks will keep copies of the data and continue to use it in fraudulent ways. The ransomware software is typically installed through the use of phishing emails, often with pointers to malicious websites, designed as legitimate communications from trusted sources, such as well-known acquaintances and popular brands.
“Criminals do not need to be sophisticated to pull off a ransomware attack,” said Herold. “There are more than 150 variants of the malicious software, which can be inexpensively purchased on the dark web. Ransomware suppliers are making annual incomes of over $100,000 selling crimeware as a service (CaaS) software. Those purchasing it are making that much and more themselves.”
To raise awareness about the threat, Herold has created an infographic titled “6 Places Crooks Steal (Then Ransom) Your Data.”
“Where there’s an Internet connection, there’s a datanapper,” states the infographic, which walks through the ransomware threat posed by the dark web and the IoT, as well as in homes, workplaces, stores and even doctor’s offices. “Datanappers love the way we live, always connected and happily over-sharing. While you shop, get a check-up, use smart cars, work or stream movies on the couch, the bad guys are right there watching, waiting for you to drop your data, or use lack of security controls to simply walk right in and take your data.”
Herold recommends individuals and business leaders devote 30 minutes during the week of Data Privacy Day to upping their ransomware protections. Here are three simple steps to take in observance of International Data Privacy Day:
1. Delete unused apps. Games, especially, are often fronts for data collection entities. Get rid of all you haven’t used lately.
2. Patch your systems. This should be set up to happen automatically. Double check you have all of your devices set to auto install security patches and updates.
3. Back up your files. If you use a cloud service, double up and use a physical device, too. Make sure it is not attached to your computer except when actually backing up.
ABOUT REBECCA HEROLD
Rebecca Herold is an information privacy, security and compliance expert, author and educator. She has provided services and products to organizations throughout the world in a wide range of industries for more than two decades. Herold’s Privacy Professor business has assisted a variety of health care and other organizations for the past 15 years. In 2014, she launched SIMBUS, LLC, a cloud-based technology service to provide organizations of all sizes, from one-person shops to large multinational organizations, effective information security, privacy and compliance management programs. Herold is widely recognized and respected; she was named a Privacy by Design Ambassador and declared the “3rd best privacy advisor in the world” by Computerworld. Herold is also host of the radio show “Data Security and Privacy with the Privacy Professor” on the VoiceAmerica.com radio network.
Ransomware Infographic: https://simbus360.com/wp-content/uploads/2018/01/Data_Privacy_Day_2018_infographic_FINAL.pdf
Twitter ID: http://twitter.com/PrivacyProf