There have been reports in the news recently where computers and even entire databases have been hijacked by hackers, the information encrypted and the key to open those files again offered up as ransom. This situation is particularly worrisome for public safety, where the information we possess can be used for nefarious purposes. In some of these cases, even when the ransom was paid, the encryption key was not exchanged and the data was lost anyway.
Fire departments around the nation keep personnel records, response data and even patient-care information in their databases. As is required, most of these systems are maintained with a high level of security.
However, there are some cases where hackers have managed to create havoc. Fortunately, Public Safety Systems Administrator Stephen Ralston (Hilton Head Island Fire Rescue) says, departments can avoid a lot of these situations by simply sticking with the basics: good antivirus and antimalware programs, as well as regular backups of your data.
An article by ABC News in April reported that ransomware can infect your computer if a user clicks a dangerous link or downloads an infected file, often posing as a benign attachment. Ralston indicated that one solution is to avoid browsing the internet when logged in as an administrator on your computer.
“If you set up an account on your workstation with a much lower level of security access,” Ralston reported, “malware may be downloaded but unable to affect your system because it doesn’t have the ‘rights’ to change any programs.”
He stated that right now the hackers are attacking Word documents, Access databases and pictures. If they can find a way to attack enterprise systems, like SQL databases, the effect could be catastrophic to some organizations.
While avoiding inappropriate or suspicious websites seems like an obvious solution, on occasion malware can slip in through legitimate-looking email attachments. In any case, ensuring any essential data, like personnel information, patient records or run records, are stored in servers kept off the internet will prevent individuals from accessing them.
As always, sticking to elements of good computing—like the old adage “Back up early and often”—may in fact save a lot of heartache when the bad guys come calling.