“Don’t Take The Bait,” Defend Against Ransomware

The Internal Revenue Service, state tax agencies and the tax industry recently warned tax professionals that ransomware attacks are on the rise worldwide. Bad actors here and abroad are infiltrating computer systems and holding sensitive data hostage.

The IRS is aware of a handful of tax practitioners who have been victimized by ransomware attacks. The Federal Bureau of Investigation recently cautioned that ransomware attacks are a growing and evolving crime threatening the private and public sectors as well as individuals.

The Arizona Attorney General’s office is warning consumers to protect their personal information and be aware that hackers are using “pirate websites” to illegally distribute copyrighted content and infect computers. Dangerous malware can lead to identity theft and financial harm.

A recent study found that 1 in 3 content theft websites exposed users to malware exploitable by criminals. Almost half of the malware was delivered via “drive-by” downloads, meaning malware that is downloaded unintentionally, without the user even having to click on a link.

Downloading malware can lead to:

  • Financial loss, including breaches to banking accounts or credit card information.
  • Identity theft and loss of privacy.
  • So-called ransomware, where access to a computer is frozen until the user pays a ransom fee to return access to their computer.
  • Spyware downloads that grant hackers access to computer or cell phone cameras without the user’s knowledge.

The following tips can help you avoid compromising your computer:

  • Avoid untrusted websites and only visit legal, secure, and legitimate websites.
  • Install anti-virus programs and keep them updated.

The “Don’t Take the Bait” campaign, a 10-week security awareness campaign aimed at tax professionals, hopes to increase awareness about these attacks. The IRS, state tax agencies and the tax industry, working together as the Security Summit, urge practitioners to learn to protect themselves.

Ransomware is a type of malware that infects computers, networks and servers and encrypts (locks) data. Cybercriminals then demand a ransom to release the data. Users generally are unaware that malware has infected their systems until they receive the ransom request.

The 2017 Phishing Trends and Intelligence Report issued annually by Phishlabs named ransomware one of two transformative events of 2016 and called its rapid rise a public epidemic. In May 2017, a ransomware attack dubbed “WannaCry” targeted users who failed to install a critical update to their Microsoft Windows operating system or who were using pirated versions of the operating system. Within a day, criminals held data on 230,000 computers in 150 countries for ransom.

The most common delivery method of this malware is through phishing emails. The emails lure unsuspecting users to either open a link or an attachment. However, the FBI also has warned that ransomware is evolving and cybercriminals can infect computers by other methods, such as a link that redirects users to a website that infects their computer.

Victims should not pay a ransom. Paying it further encourages the criminals. Often the scammers won’t provide the decryption key even after a ransom is paid.

Tips to Prevent Ransomware Attacks

Tax practitioners – as well as businesses, payroll departments, human resource organizations and taxpayers – should talk to an IT security expert and consider these steps to help prepare for and protect against ransomware attacks:

  • Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
  • For digital devices, ensure that security patches are installed on operating systems, software and firmware. This step may be made easier through a centralized patch management system.
  • Ensure that antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
  • Manage the use of privileged accounts — no users should be assigned administrative access unless necessary, and only use administrator accounts when needed.
  • Configure computer access controls, including file, directory and network share permissions, appropriately. If users require read-only information, do not provide them with write-access to those files or directories.
  • Disable macro scripts from office files transmitted over e-mail.
  • Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations, such as the temporary folders used by popular Internet browsers and by compression/decompression programs.
  • Back up data regularly and verify the integrity of those backups.
  • Secure backup data. Make sure the backup device isn’t constantly connected to the computers and networks it is backing up. This will ensure the backup data remains unaffected by ransomware attempts.
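The last two tips, backing up regularly and verifying the integrity of those backups, are the ones that decide whether a practice can recover without paying. The following is an added example, not part of the IRS or Security Summit guidance: it records a SHA-256 manifest of a backup set and later checks the set against that manifest, so that files that have been altered (for instance encrypted in place), removed, or unexpectedly added are reported. It assumes the manifest is kept somewhere the backup device cannot reach, and the file names and contents in the demo are constructed.

```python
"""Backup integrity check (added example, not the article's or the IRS's own tooling).

Build a SHA-256 manifest of a backup set when the backup is made, store the
manifest off the backup device, and verify the set against it later.
"""
import hashlib
import json
import os
import tempfile
from pathlib import Path


def sha256_of_file(path: Path) -> str:
    """Hash a file in chunks so large backups do not have to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(backup_root: Path) -> dict:
    """Map each file (path relative to the backup root) to its SHA-256 digest."""
    manifest = {}
    for entry in sorted(backup_root.rglob("*")):
        if entry.is_file():
            manifest[entry.relative_to(backup_root).as_posix()] = sha256_of_file(entry)
    return manifest


def verify_backup(backup_root: Path, manifest: dict) -> dict:
    """Compare the current backup set against a previously stored manifest.

    Returns the files whose contents changed, the files that disappeared, and
    the files that appeared without being in the manifest (a ransom note, for
    example). "ok" is True only when all three lists are empty.
    """
    current = build_manifest(backup_root)
    modified = sorted(f for f in manifest if f in current and current[f] != manifest[f])
    missing = sorted(f for f in manifest if f not in current)
    unexpected = sorted(f for f in current if f not in manifest)
    return {
        "modified": modified,
        "missing": missing,
        "unexpected": unexpected,
        "ok": not (modified or missing or unexpected),
    }


def demo() -> dict:
    """Constructed scenario: manifest a small backup, verify it clean, then
    simulate one file being overwritten and a note being dropped, and verify again."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "clients").mkdir()
        (root / "clients" / "return_2016.pdf").write_bytes(b"%PDF-1.4 constructed sample")
        (root / "clients" / "w2_smith.txt").write_text("constructed W-2 data")

        manifest = build_manifest(root)
        # In practice, write this JSON somewhere the backup device cannot reach
        # (e.g. a separate, offline location); here it just stays in memory.
        stored_manifest = json.dumps(manifest)

        clean = verify_backup(root, json.loads(stored_manifest))

        # Simulated tampering: one file's contents replaced, one new file added.
        (root / "clients" / "return_2016.pdf").write_bytes(os.urandom(32))
        (root / "clients" / "README_DECRYPT.txt").write_text("constructed note")

        tampered = verify_backup(root, json.loads(stored_manifest))
        return {"clean": clean, "tampered": tampered}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Run `build_manifest` right after each backup completes and `verify_backup` before relying on that backup for a restore; a report with any entry under "modified" or "unexpected" means the copy cannot be trusted as the clean one, and an older copy from a device that was disconnected at the time should be used instead.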

Victims should immediately report any ransomware attempt or attack to the FBI at the Internet Crime Complaint Center, www.IC3.gov. Tax practitioners who fall victim to a ransomware attack also should contact their local IRS stakeholder liaison.

About ADI Staff Reporter
Under the leadership of Editor-in-Chief Huey Freeman, our team of staff reporters bring accurate, timely, and complete news coverage.