Imagine a scenario in which you attempt to log into your computer system and are denied access. Your IT staff advises that they cannot access your system either, but notice a message that your system is now encrypted. You’ve just been hacked. The hacker now demands payment of a cryptocurrency to receive the decryption code to regain control of your computer system.
This type of computer takeover involves the use of ransomware which is a type malicious software that may have been delivered to your business through an attachment in a phishing email that superficially appears legitimate. It may also have been deployed by staff that unwittingly download alleged updates to existing software programs.
ARC encourages our travel industry partners to review your network security procedures to ensure you’re ready to respond if this occurs at your agency. The following best practices are recommended to reduce your exposure to ransomware incidents.
- Ensure your operating software is up to date as it ensures the latest patches are deployed
- Install antivirus software to constantly scan your systems for external threats
- Back up your data on a daily basis and then isolate the backup data “offline” from your operating system
- Restrict system “administrator” rights only to appropriate staff
- Train staff on how to spot suspicious emails, especially those with attachments, from unknown senders
Please contact ARC Risk Management should you have any questions at 855-358-0393 or at firstname.lastname@example.org.
*The best practices are intended for general informational purposes only and are not intended to be relied upon as your sole source for information security. Please refer to your own advisors for specific advice.