Ransomware: Defending Against Digital Extortion

Posted by Ben Rothke

As an early piece of malware, the 1989 Yankee Doodle virus was limited to playing the patriotic song of the same name. Much has changed over the years, and the rise of ransomware is playing out a much less melodious tune. Countless individuals and businesses of all sizes are being locked out of their own data and their systems made unavailable until a ransom is paid to the ransomware creators.

Just this week, a cluster of ransomware attacks against MongoDB servers has affected more than half of the Internet-facing MongoDB databases. Ransomware is a prime-time information security risk, and its effects can be devastating. Want more evidence that ransomware is a problem that must be dealt with? David Balaban created this list of ransomware-related events from the last 8 months.

In Ransomware: Defending Against Digital Extortion (O'Reilly Media, ISBN 978-1491967881), authors Allan Liska and Timothy Gallo have written a concise and helpful guide that shows readers what they can do to avoid becoming a victim of a ransomware attack, or at least minimize their chances of becoming one. The book also enumerates what can be done if a firm finds itself in the midst of a ransomware attack.


A key point the book makes is that most ransomware attacks are the result of an email. The authors suggest that the most efficient method is to secure the messaging infrastructure as part of a multi-layered approach. At the perimeter, they advise using a gateway, which could be the first step in identifying and quarantining ransomware.

Behind each email is a user who may click a link and unknowingly load ransomware on their local machine. Liska and Gallo emphasize the need for effective awareness training. They also make the point not to put all the blame on the end user if something goes wrong.

A good part of the risk avoidance measures the authors suggest consists of basic information security practices. They note that one of the best methods to avoid paying a ransom is to have an effective and tested data backup plan in place.

At 190 pages, the book doesn’t waste space giving you a long introduction to ransomware. It gives a basic overview, then delves into tactical approaches that you can use at various levels in the enterprise.

A reviewer on Amazon notes that the book is “good, but needs some more editing to be great”. I also did find a number of editing mistakes, but they were all trivial. Given the devastating effects of ransomware, this is an excellent reference to put to use to ensure you don’t become a victim. If you can deal with an incorrect acronym or two, and focus on the superb tactical advice detailed in the book, you’ll be better able to defend against and deal with ransomware.



Ben Rothke

Senior Information Security Manager, Tapad
