Protect Against Ransomware

The Department of Homeland Security (DHS) wants to help small businesses across America protect against ransomware, and the National Cybersecurity and Communications Integration Center (NCCIC) has issued this message:

NCCIC has received multiple reports of WannaCry ransomware infections worldwide. Ransomware is a type of malicious software that infects and restricts access to a computer until a ransom is paid. Although there are other methods of delivery, ransomware is frequently delivered through phishing emails and exploits unpatched vulnerabilities in software.

Phishing emails are crafted to appear as though they have been sent from a legitimate organization or known individual. These emails often entice users to click on a link or open an attachment containing malicious code. After the code is run, your computer may become infected with malware.

A commitment to cyber hygiene and best practices is critical to protecting organizations and users from cyber threats, including malware.

In advice specific to the recent WannaCry ransomware threat, users should:

  • Be careful when clicking directly on links in emails, even if the sender appears to be known; attempt to verify web addresses independently (e.g., contact your organization's helpdesk or search the Internet for the main website of the organization or topic mentioned in the email).
     
  • Exercise caution when opening email attachments. Be particularly wary of compressed or ZIP file attachments.
     
  • Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
     
  • Avoid providing personal information or information about your organization, including its structure or networks, unless you are certain of a person's authority to have the information.
     
  • Avoid revealing personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email.
     
  • Be cautious about sending sensitive information over the Internet before checking a website's security.

If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a website connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from anti-phishing groups such as the APWG.

You can contact NCCIC 24x7 at (888) 282-0870 and nccic@hq.dhs.gov and/or ncciccustomerservice@hq.dhs.gov

You can also get specific information to Ransomware NCCIC has created via the US-CERT website. www.us-cert.gov/ransomware