What is a Ransomware Attack?

Ransomware attacks involve malware, delivered through spear phishing emails, that locks up valuable data assets and demands a ransom to release them.

Hackers now check a victim’s social media accounts, and create a fake email address pretending to be a friend or contact in order to get them to click on an infected link or attachment.

“It’s much more targeted, and will exploit a particular vulnerability in a device, application, server or software,

The health, education and social sectors are highly targeted by hackers because of antiquated or misconfigured computer security systems and the amount of sensitive data they hold.

How to Prevent Ransomware Attacks

1. Do not click hyperlinks from unknown sources, or even from known sources without first establishing the authenticity of the link.

2. Prepare an up-to-date inventory of all the “Digital Assets” at various locations/facilities being used by the various functionaries of the

3. Make a trustworthy knowledgeable functionary (permanent Government employee) Administrator of the Digital Assets (ADA) of the organization at each

4. Let ADA keep all software (especially the system software) up to date, including operating systems and applications.

5. ADA has to ensure back-up of all digital content located in the digital assets under ADA jurisdiction every day, including information on employee devices, so ADA can restore encrypted data if attacked by ransomware.

6. Back up all digital content to a secure, offsite secret location(s) within


7. Distribute back-ups: divide the digital assets and distribute the back-up locations. Don’t place all data in one back-up file and share it.

8. ADA in collaboration with NIC officials, to train all the staff using the digital assets including mobile devices connected to network, on cyber security practices, emphasizing not opening attachments or links from unknown sources.

9. Develop a communication channel and strategy to quickly inform all employees if a virus reaches the company network.

10. If every bit of data of the organization is safeguarded and back-up is kept secretly, even if hackers attack and demand ransom, Govt can launch an investigation rather than making payment.

11. Mandate security auditing by ICERT empanelled auditors for all the digital assets as per GoI policy.

12. ADAs in collaboration with information security teams of ITE&C Dept and NIC to perform penetration testing to detect the vulnerabilities.

13. Register all the devices and digital assets. Strictly avoid usage of unregistered and unmonitored devices.

14. Adopt and use standard security and data privacy policies as per advisories from ITE&C Dept, NIC/ Govt of India.

15. Ensure all devices and systems are protected well with latest firewalls and anti-virus systems.
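
One way an ADA could check items 2, 5, 6, 7 and 13 against a back-up catalogue, as an added example that is not part of the NIC advisory: it flags inventoried assets with no back-up, no copy from the last day, copies at only one site, or no offsite copy, and lists backed-up assets missing from the inventory. The record format and the asset and site names are constructed for illustration.

```python
from datetime import datetime, timedelta

MAX_AGE = timedelta(days=1)  # item 5: content is backed up every day
MIN_LOCATIONS = 2            # item 7: back-ups spread over several locations

# Constructed sample data (hypothetical asset and site names).
INVENTORY = ["hr-db", "file-server", "laptop-017", "mail-archive"]
BACKUPS = [
    {"asset": "hr-db", "site": "site-a", "offsite": True, "taken": "2024-03-10T02:00"},
    {"asset": "hr-db", "site": "site-b", "offsite": True, "taken": "2024-03-10T02:30"},
    {"asset": "file-server", "site": "hq", "offsite": False, "taken": "2024-03-10T01:00"},
    {"asset": "laptop-017", "site": "site-b", "offsite": True, "taken": "2024-03-07T01:00"},
    {"asset": "usb-disk-9", "site": "hq", "offsite": False, "taken": "2024-03-10T03:00"},
]

def audit(inventory, backups, now):
    """Return (findings per inventoried asset, backed-up assets not in the inventory)."""
    by_asset = {}
    for b in backups:
        by_asset.setdefault(b["asset"], []).append(b)
    findings = {}
    for asset in inventory:
        copies = by_asset.get(asset, [])
        # A copy counts only if it was taken within the last MAX_AGE.
        fresh = [c for c in copies
                 if timedelta(0) <= now - datetime.fromisoformat(c["taken"]) <= MAX_AGE]
        problems = []
        if not copies:
            problems.append("no backup")
        elif not fresh:
            problems.append("stale")
        else:
            if len({c["site"] for c in fresh}) < MIN_LOCATIONS:
                problems.append("single location")
            if not any(c["offsite"] for c in fresh):
                problems.append("no offsite copy")
        if problems:
            findings[asset] = problems
    # Item 13: anything being backed up that was never registered.
    unregistered = sorted(set(by_asset) - set(inventory))
    return findings, unregistered

if __name__ == "__main__":
    found, unknown = audit(INVENTORY, BACKUPS, datetime(2024, 3, 10, 12, 0))
    for asset, problems in found.items():
        print(f"{asset}: {', '.join(problems)}")
    print("not in inventory:", unknown)
```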

Mitigating an attack

1. Remove the infected machines from the network, so the ransomware does not use the machine to spread throughout your network.

2. Report the attack and register all information related to

3. Facilitate investigation of the

4. Let only one authorized spokesperson for the entire department communicate information related to the attack to the media.

5. An inventory of attacks and decryption kits / mitigation kits is to be maintained.

Source- National Informatics Centre


3 responses to “How to Prevent and Mitigate Ransomware Attacks”

  1. N. Krshnaswamy says:

    My computer was attacked by ZAPTA ransomware on 1st September 2016 and some files were corrupted. I called a software technician and referred the matter to him. He came and saw and told that there is no proper information as to where to send the money and if money is sent, whether the files will be restored is doubtful. He wanted me to ignore and back up the existing files. Further files were not affected. I had a notion that the file must be sitting in the registry and if it is removed from the registry, the files could be saved. But he did not listen to me. Again on 13th September 2016 the virus attacked and wiped out all the window application files leaving PDF files and OUTLOOK files.
    I immediately ran the Microsoft Security Essential file and immediately showed the ransomware file and gave full direction as to how to remove the file from the registry.
    Then I remembered that I have downloaded a WINRAR file with about 3KB size around 1st September to see what it is. There was a file which I opened and that has got it. I deleted the file from the mail and similarly I have opened another similar mail.
    There were two files one to receive the virus without any restriction and another virus file.
    After I removed both the files from the registry, I am daily running the Microsoft Security Essential scan and I have not received so far any threat. This anti virus is bundled with Windows 7 and later versions but available only for stand alone computers and not for network Windows Server applications. For network the software has to be purchased separately from Microsoft.
    Since many of my files were in Outlook I could recover most of the files or getting them from my clients, since my operations were not very big.

  2. ganesh says:

    How to Prevent and Mitigate Ransomware Attacks - this article is very useful to us. Thanks

  3. Rowans says:

    What is this article?? Is it a copy paste from some obscure journal?

    Where am I going to find “a trustworthy knowledgeable functionary” and that too a permanent Government employee to maintain my PC? I don’t think there are many corporates around that can convince a permanent government employee to act as their “Administrator”. If he is knowledgeable and trustworthy too, why would he come to my office and agree to act as the “ADA”.

    The article has just managed to garner eyeballs and adds virtually no value to the information that is given in the newspapers
