Ransomware is a type of Cybercrime, a broad category that includes phishing, social engineering, invoice fraud, and extortion. It reportedly is the current leading cause of cyber attacks. Ransomware attacks, where someone uses malicious software to make your data inaccessible, are on the rise. Multiple land trusts have reported phishing schemes in the past year where they lost their data to a cyber-criminal such as happened to Colonial Pipeline.
Luckily, there is a lot that you can do!
Phishing emails almost always appear to come from a legitimate source, but it is not one and there are clues if you look for them.
- Exercise caution with links or attachments in emails you were not expecting; when in doubt, assume it is unsafe.
- Hover over the link to make sure that it goes to a legitimate site.
- Make sure everyone in your organization has training on identifying suspicious e-mails, texts, links or phone calls.
Have a plan and be proactive.
- Spend as much time on how you will handle a cyber-attack as in trying to prevent one. Have a cyber emergency plan that covers who, what, where and when.
- Consider a cyber insurance policy. Make sure you have the cyber carrier’s risk management contact info and instructions and have them accessible on paper for key staff. For more specific security measures see 6 Things Cyber Underwriters Love
- Back up your files. This keeps you from losing all of your data and then you can restore from your physical hard drive rather than pay a ransom. Access to cloud backups usually are blocked in a ransomware attack so have a physical hard drive backup too that you disconnect from your server or computers every night.
- Update your systems and software frequently so you immediately deploy security patches.
- Practice good password hygiene – long phrases, used only once per account, never revealed to others. You may want to use multi-factor authentication or a password manager.
- Follow the standard procedures on breach preparedness from the guide provided by MS-ISAC.
We’re here to help! If you have any questions, please let us know.
Conservation Defense Coordinator
ALLIANCE RISK MANAGEMENT SERVICES LLC
(202) 800-2248 | email@example.com