The Supervision Exchange

& Supervisors' Guild

Ransomware Awareness and Preparedness

Ransomware attacks are a real concern that can deal a heavy blow to your organization. As social workers, being aware of the risk as well as being prepared to respond to a potential future attack will give you peace about the confidentiality of your supervisee (and clients’) info. Not to mention helps you learn how to minimize the risk and damage caused.

If you have not read-up on ransomware and ways of combatting it, please take some time to read this article.

Be informed and empowered to act proactively. If dealing with ransomware is not in your job description or you’d say is something your IT department (or contractor) will handle for you, ask yourself and others how the risk of ransomware is currently being addressed within your organization. If you don’t receive thorough answers, it’s time to plan and act. If you do receive thorough answers, review your plan on an annual basis to help ensure your tactics are still relevant and working as planned.

The Cybersecurity and Infrastructure Security Agency (CISA, part of the Department of Homeland Security) had published a plethora of information regarding ransomware, how to prepare, and what to do. Below is a link to their ransomware webpage. 

https://us-cert.cisa.gov/Ransomware

The CISA has also published a ransomware guide in September. Below is a link to where the guide is located on their website. Please take some time to read through the guide and consider ways of implementing their recommendations. 

https://www.cisa.gov/publication/ransomware-guide

Take-Aways

You have a chance of not being impacted by a ransomware attack and surviving the outcome if you do fall victim. The issue is far-reaching and the measures needed to build an effective defense are broad. Please don’t let this topic be overwhelming. Start first by listing the things you are currently doing or have in place. Then plan to implement all recommended measures as soon as possible. Of course, the reality is that your clients need to be served and resources are not infinite. However, encountering ransomware unprepared can shut down your ability to serve your clients. In addition, your (and your client’s) data and information are often sold on the black market or openly distributed for criminals to use for more attacks, damage, and identity theft. Think about your preparation for ransomware in a similar way to preparing for a natural disaster.

Natural disasters (like tornadoes, earthquakes, tsunamis, and forest fires) are disastrous. If your organization is in the path of one of these natural events, you are likely to require significant time and resources to recover fully. The occurrence of these events is out of your control. There are often insurance policies in place to replace your building and the contents within, and you likely have an emergency action plan to help you and your coworkers act safely. 

Similarly, ransomware attacks are disastrous. Significant resources and time is required to fully recover from an attack. However, there are measures that can be put in place to shield your organization and help replace what is lost in the event of an attack. 

If you need help

Please let us know if you need help implementing some of the measures outlined in the CISA guide. Our KovirTech division can help you plan for and implement many of the needed measures. Below are a few of the many resources we can provide. 

  • Cloud and on-site back-up powered by Acronis®1
  • On-site network-attached storage and backup devices powered by Synology®2
  • Password management powered by LastPass®3

734-508-2242 / info@kovir.org / support@kovirtech.com

Trademarks

This blog post makes reference to trademarks, registered trademarks, and other protected names and/or symbols of third-party companies not related in any way to WizeCove. Where they occur these references are for illustrative purposes only and do not represent an endorsement of a product or service by WizeCove, or an endorsement of the product(s) to which this website applies by the third-party company in question. Regardless of any direct acknowledgment elsewhere in the body of this document, WizeCove hereby acknowledges that all trademarks, registered trademarks, service marks, and other protected names and/or symbols contained in this website and related documents are the property of their respective holders.

  1. Acronis® is a registered trademark of Acronis International GmbH CORPORATION SWITZERLAND Rheinweg 9 Schaffhausen SWITZERLAND 8200
  2. Synology® is a registered trademark of Synology Inc. CORPORATION TAIWAN 9F., No. 1, Yuandong Rd., Banqiao Dist. New Taipei City 220 TAIWAN
  3. LastPass® is a registered trademark of Marvasol, Inc. DBA LastPass CORPORATION DELAWARE 8315 Lee Highway, Suite 501 Fairfax VIRGINIA 22033

One Response

Leave a Reply

Your email address will not be published. Required fields are marked *