Total number of users attacked by ransomware between April 2015 and March 2016 rose over 17% to total 2,315,931 users.¹

More Ransomware Tips for Credit Unions

These tips are additional simple things IT leaders can do to help protect their credit union.

• Help Users know the file type: Enable the ‘Show file extensions’ option in the Windows settings on your computer.This will make it much easier to spot potentially malicious files. Stay away from file extensions like ‘.exe’, ‘.vbs’ and ‘.scr’. Scammers can use several extensions to disguise a malicious file as a video, photo, or document (like hot-chics.avi.exe or doc.scr).
• Identify & know of existing solutions: If there is an infection – determine the variant & possible solutions if one exists before starting restores:
  • https://www.nomoreransom.org/crypto-sheriff.php
  • https://www.nomoreransom.org/decryption-tools.html
• Stop outbound communication to known command & control: If you have a IPS/IDS or Unified Threat firewall – Make sure known command & control servers are blocked and you are alerted of any attempted connections so you can quickly find the infected system and stop the ransomware.
• Review Patch & Watch Critical Systems:  Include randsomware infections in your IT risk assessments and identify high risk entry points.  Report and review patch and antivirus alerts regularly to know if any systems are potentially compromised.
  • Antivirus alerts that repeatedly catch issues may indicate a user who needs training or an undetected threat trying to deploy additional malware in your environment.
• Limit permission! Only give credit union employees access to what they need to get their work done.  This goes for IT staff and IT leaders also.  Only use your privileged accounts for necessary IT maintenance work and not for daily work or web browsing.
• Don’t use an admin account for daily use.
• Separate Accounts & Different Passwords: Don’t use the same admin account (even local admin account) passwords
• Watch Active Directory for new user accounts, elevated privileges, or new users in privileged groups. Review elevated privilege reports or setup alerts on new privileges.
• Train & Educate all Users. Here is a short non-technical video you can use to start user education:
  [embed]https://youtu.be/4gR562GW7TI[/embed]

If you need help evaluating your current risk or addressing your IT infrastructure, Backup & Recovery, or security tools please reach out to us: info@pureitcuso.com

1-https://securelist.com/files/2016/06/KSN_Report_Ransomware_2014-2016_final_ENG.pdf