Fend off ransomware with cybersecurity common sense

With numerous high-profile cases making recent headlines, ransomware may seem like a new phenomenon. That's only half right. The threats criminals are making are relatively new, but the methods they're using to breach computers are old standbys, the head of ISU's cybersecurity team told the Professional and Scientific Council at its Nov. 3 meeting.

"Nothing has changed. Hackers break in the same way they always have. Ransomware is just a different way to monetize it," said Rich Tener, chief information security officer for information technology services (ITS).

Ransomware is a type of malware that allows an extortionist to encrypt all of your files, demanding payment to unfreeze them. An attack on a personal computer could endanger a collection of family photos. A compromised university computer could mean losing sensitive research data or student information.

"It's almost like they're walking into your house, locking up all your valuables in a safe they brought with them and then not giving you the code until you pay them," Tener said.

In a presentation to the council, Tener outlined some tips for how employees can defend themselves and the university from ransomware. Here are some highlights.

Always back up

A key method of protection is making sure to regularly back up your files, which also has value in case of any other storage failure. Google offers a free option, Tener said. Those who have wisely backed up their files can restore them, though ransomware attackers may then threaten to publicly release the data they've seized, he said.

Secure your accounts

It may be tempting to reuse a password across your numerous accounts, but it’s not safe, Tener said. When hackers steal a password, they likely will try to access other accounts linked to you with that password. Nobody walks around with dozens of passwords memorized, though. Use a password manager such as LastPass, 1Password, KeePass or Dashlane, which create unique and strong passwords for each of your accounts. Then you only need to remember one password.

Email deserves special care

Be especially careful to make your personal email account secure by enrolling it in multifactor authorization, which requires logging in with both your password and a separate identification method -- often a code sent to your phone. With multifactor authorization in place, a stolen password isn’t enough for a hacker to access your email. Anyone with access to your email can unlock many of your accounts via the password recovery process, Tener said.

Pay attention

At Iowa State, all password-protected logins require multifactor authorization with Okta. Using the Okta mobile app, users don’t even have to enter a code and can just click a button acknowledging they’re trying to sign in. If you’re not actively signing in and get an Okta notification to verify your identity, make sure to deny access and contact the ITS security team at security@iastate.edu, Tener said.

Also be on the lookout for phishing and scams. Be skeptical about unusual requests that seem to come from colleagues and supervisors, and inspect the message header to make sure it’s a legitimate ISU address if the request comes by email. Don’t open unsolicited Microsoft Office attachments. Send a note to the security team if you’re suspicious.

Real updates, fake updates

Keeping software updated is crucial for patching security holes that hackers can exploit, but watch out for pop-up browser windows that suggest you need a software update. Legitimate software updates should come via system notifications, while fraudulent software updates always come via browser window, Tener said.

Know the source

When you’re downloading new software, only use trusted sources. Apple and Google app stores and ISU’s self-service and software centers are ideal places to download common programs.

Be proactive

Wondering if your account information has been stolen in a security breach? Tener said there’s an easy way to find out. Enter your email address in haveibeenpwned.com, which searches dark web databases to identify what accounts associated with that address have been compromised.

Security problem?

Think you might have a security issue with your computer? Or just have a question? Contact the ITS security team at security@iastate.edu.