Workplace Cybersecurity: 6 Ways to Protect Your Employer from Ransomware and Cyberattacks
Don’t let a dumb mistake bring down your company
When you think about workplace safety, you probably picture ergonomic work stations in office buildings or safety gear in manufacturing plants. But there’s a growing workplace safety issue you may not think much about: cybersecurity.
The importance of workplace cybersecurity was recently underscored at Hollywood Presbyterian Medical Center in Los Angeles. For more than a week, hackers shut down the hospital’s computer systems and demanded $17,000 in ransom, which the hospital paid, to return the systems to normal, the Associated Press reports.
Hospital staff went without email, instead communicating in-person or by fax. Though the hospital said patient care wasn’t compromised, electronic records with patients’ medical history were inaccessible to staffers, so new records and patient registration information were being recorded on paper, according to NBC Los Angeles.
Stefanek, the CEO and president of Hollywood Presbyterian, told NBC the
cyberattack was “random” and not malicious. This means it’s possible someone at
the facility clicked on an infected link in an email or a pop-up ad and
introduced a virus onto the hospital network,
The Atlantic reports.
Viruses and malware that take over a server or a computer and demand money to return the data are called ransomware. The ransomware encrypts the data, which can be unlocked only with an encryption key. Hackers offer victims that key, but for a price.
Ransomware attacks have increased in recent years, according to McAfee, which is part of Intel Security. A number of police departments paid between $500 and $750 in ransom in 2015 after hackers seized their systems.
In fact, a new ransomware strain just hit the Web, reports KnowBe4, a security awareness training platform. Called “Locky,” it starts out with a Microsoft Word attachment which has malicious macros in it. KnowBe4’s CEO, Stu Sjouwerman, says few antivirus products are catching it. The ransomware tricks users twice: once into opening the attachment, and again to enable the macros in the file. When the Word document is opened, it looks scrambled, and a message is displayed telling you to enable the macros if the text is unreadable.
You’ve heard all about not opening suspicious-looking emails or opening random attachments. Those cybersecurity efforts you make with your personal computer and smartphone should carry over to your office computer as well.
The National Cyber Security Alliance urges employees to do their part to step up cybersecurity at work. It offers these tips.
1. Don’t install outside programs on your work computer. They can create security vulnerabilities in the network. Follow your company’s rules for what you can and cannot download or store on your machine.
2. Use good password practices. Make them “long and strong,” the National Cyber Security Alliance says, with a mix of upper- and lower-case letters, numbers and symbols. Change them at least every six months, and don’t share them with your colleagues.
3. Never click on suspicious links. “When in doubt, throw it out,” the National Cyber Security Alliance advises. If you see a strange link in an email, tweet, social media post or attachment, don’t click on it, and delete the email. It could be a phishing scam.
4. Use your email filters to limit spam. They can keep harmful emails from ever landing in your inbox. If you don’t know how to use them, ask someone in your company’s IT department.
5. Speak up if you’re having computer problems. Your employer should encourage you to be watchful and notify IT if your computer is behaving strangely.
6. Back up your work. Make physical and electronic copies of your most important work.
Like this article? Share it with friends by clicking the Facebook or Twitter button below. And don't forget to visit our Facebook page!