The IRS is in the midst of a 10-week security awareness campaign aimed at tax professionals, but the messages are applicable to us all. The campaign, “Don’t Take the Bait,” puts the spotlight on various attempts to compromise personal data through cyber attacks.

In the latest news release publicizing the campaign, the IRS warns tax professionals of the rise in ransomware attacks, where cybercriminals hack into the businesses’ databases and hold sensitive data hostage.

“Tax professionals face an array of security issues that could threaten their clients and their business,” IRS Commissioner John Koskinen says in the news release. “We urge people to take the time to understand these threats and take the steps to protect themselves. Don’t just assume your computers and systems are safe.”

We all must fight the ransomware threat

It’s a warning that we all should take seriously.

Ransomware is a type of malware that infects computers, networks and servers and encrypts, or locks, data. Cybercriminals then demand a ransom to release the data. Users generally are unaware that malware has infected their systems until they receive the ransom request. The IRS cited the 2017 Phishing Trends and Intelligence Report issued annually by Phishlabs, which named ransomware one of two transformative events of 2016 and called its rapid rise a public epidemic.

Ransomware is a threat that everyone needs to recognize and guard against. The most common way cybercriminals deliver ransomware is through phishing emails designed to get recipients to click on a link or attachment, which either redirects them to a website that infects the computer or installs the malware directly.

Law enforcement officials advise victims NOT to pay a ransom, as it encourages the criminal behavior and there is no guarantee the cybercriminals will provide a decryption key anyway.

Tips for preventing ransomware attacks

Here are some tips provided by the IRS to help prevent ransomware attacks:

  • For businesses, make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
  • For digital devices, ensure that security patches are installed on operating systems, software and firmware. This step may be made easier through a centralized patch management system.
  • Ensure that antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
  • Manage the use of privileged accounts — no users should be assigned administrative access unless necessary, and only use administrator accounts when needed.
  • Configure computer access controls, including file, directory and network share permissions, appropriately. If users require read-only information, do not provide them with write-access to those files or directories.
  • Disable macro scripts from office files transmitted over email.
  • Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations, such as the temporary folders used by popular Internet browsers and by compression/decompression programs.
  • Back up data regularly and verify the integrity of those backups.
  • Secure backup data. Make sure the backup device isn’t constantly connected to the computers and networks it is backing up. This ensures the backup data remains unaffected by ransomware attempts.
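One way to act on the “verify the integrity of those backups” tip above, as an added example that is not IRS or PhishLabs code: record a SHA-256 manifest of a backup set when it is written, then check the set against that manifest before relying on it. The directory layout and file names are assumptions.

```python
"""Build and verify a SHA-256 manifest for a backup set (added example)."""
import hashlib
import json
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash a file in 1 MiB chunks so large backup files need not fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(backup_root: Path) -> dict:
    """Map every file under backup_root (relative POSIX path) to its hash."""
    return {
        p.relative_to(backup_root).as_posix(): sha256_of(p)
        for p in sorted(backup_root.rglob("*"))
        if p.is_file()
    }


def verify_backup(backup_root: Path, manifest: dict) -> dict:
    """Compare the backup's current contents with a manifest taken earlier.

    Returns files that changed, vanished or appeared since the manifest was
    written. Any non-empty list means the backup should not be trusted as-is:
    ransomware that reaches a connected backup rewrites files (modified),
    removes originals (missing) and drops ransom notes (unexpected).
    """
    current = build_manifest(backup_root)
    return {
        "modified": sorted(k for k in manifest if k in current and current[k] != manifest[k]),
        "missing": sorted(k for k in manifest if k not in current),
        "unexpected": sorted(k for k in current if k not in manifest),
    }


def save_manifest(manifest: dict, dest: Path) -> None:
    """Write the manifest as JSON.

    Keep dest on separate, offline media or another system: a manifest stored
    beside the backup can be encrypted or deleted along with it.
    """
    dest.write_text(json.dumps(manifest, indent=2, sort_keys=True))
```

Run `build_manifest` and `save_manifest` right after each backup job, and `verify_backup` against the saved manifest before any restore or on a regular schedule.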

Where to report ransomware attacks

Victims should immediately report any ransomware attempt or attack to the FBI at the Internet Crime Complaint Center, www.IC3.gov. Tax practitioners who fall victim to a ransomware attack also should contact their local IRS stakeholder liaison.
