We learned that the Philadelphia courts and their E-filing system have been brought down with a computer virus attack. And the attack has not resulted in a data breach or ransomware installation (unlike Baltimore City government).
We wish them the best for a complete recovery and want to share some thoughts on how one might prepare and recover from this problem.
---
We’ve been doing things the old-fashioned way, filing in paper form, with checks attached,” Bixler told the Legal Intelligencer. ‘For our people, it didn’t require learning anything new. It just required remembering how to do it the old way.’”
This is well and good. But in my opinion, we need to look at this as an ongoing problem. Therefore, we need to have a plan to prevent and if unsuccessful, recover from an infected court computer system. I read many articles on this subject and have included links to most of them at the end of this post.
One important resource is the US Department of Homeland Security, Cybersecurity and Infrastructure Security Agency (CISA). Their web page on computer virus basics explains that a great number of computers are infected because of opening e-mail attachments which in turn start programs or macros that do the damage.
So here are some prevention steps and options to consider?
A. Maintain/update your computer operating systems and anti-virus software. Now I know that many courts do not have the budget to do this or, your computers are too old to be updated. If so then can I perhaps interest you in an alternative approach that I will discuss in paragraph "C" below?
B. Version and remove your computer backup files. My Dad was one of the original computer scientists in the country starting in the 1950s. He taught me to make three sets of backup files. One set was the daily backups -one per business workday Monday through Friday. The second set was the weekly backups by month – week 1, 2, etc. And the third set was the monthly backups. Each month we would send the last weekly and monthly back to the state archive center. I believe we kept at least six individual month versions there at a time. Paranoid? Yes. It paid off as we never lost a file in over a decade. And to this day I make full offline backup copies of my systems regularly on removable disk drives.
C. Perhaps avoid being a target is a strategy to consider? A great majority of the software viruses are aimed at the Microsoft suite of office and operating systems products that take advantage of their powerful programming/macro functionality. Microsoft has done a great job of combating problems in each new release of their systems. But again, if you have old computers running old versions of their software, they really can’t be blamed. What to do?
Here are some options:
- Switch to cloud office software that only needs a new browser to use? Both Microsoft Office 365 and Google G Suite are primary options here. This gets you up to date and protected via their enterprise cloud security. But this approach does cost some per month.
- But what do you do if you have NO money? I have had suggest LibreOffice running on a Linux workstation distribution in the past as an option. LibreOffice Word works just fine with Microsoft .doc and docx file formats. And the XML based format makes it easy to work with for templates and data/mail merge. It really isn’t all that hard to get this running. Here is a link to the Ubuntu Desktop web page to check out: https://www.ubuntu.com/desktop
- And a third option is to perhaps move to the Google Chrome OS-based systems? But that may require buying new hardware? For discussion on Chrome OS versus Windows safety see: https://www.ricksdailytips.com/chromebook-safety-vs-windows/
- The fourth and I know likely a popular option is to go to Apple iOS (version 13 coming soon). If you have the money this is a perfectly fine approach. It is a very safe system so much so that Kaspersky Labs doesn’t offer an antivirus app for this environment. https://www.kaspersky.com/blog/ios-security-explainer/23811/
Last, an advantage of the cloud “office systems” is that it will be much easier to recover from workstation infection. One just needs to reformat the computer’s disk drive and install a base/clean version of the operating system, anti-virus and a browser that supports your cloud system and you are ready to go.
--
Here are some of the articles that I reviewed for this post:
- https://insights.sei.cmu.edu/sei_blog/2017/05/ransomware-best-practices-for-prevention-and-response.html
- https://www.nomoreransom.org/en/prevention-advice.html
- https://www.schneier.com/blog/archives/2017/05/wannacry_ransom.html
- https://krebsonsecurity.com/2019/05/should-failing-phish-tests-be-a-fireable-offense/
- https://it.wisc.edu/cybersecurity/cisos-perspective-special-edition-google-docs-ransomware-adventures/
- https://www.crn.com.au/news/new-ransomware-hits-google-docs-430624
- https://www.zdnet.com/article/office-365-vs-g-suite-which-productivity-suite-is-best-for-your-business/
- Google Cloud YouTube video - https://www.youtube.com/watch?v=JZZyv96qPuI
- https://cloud.google.com/security/
- https://spinbackup.com/blog/google-drive-ransomware-protection-tips/
No comments:
Post a Comment