29 March 2016

DOES YOUR MUSEUM'S EMERGENCY PREPAREDNESS PLAN INCLUDE RANSOMWARE?

TECHNOLOGY TUESDAYS

BY: ORVIS STARKWEATHER

This research question has been dogging me for the past couple weeks. It lurks in the corners of my mind until I’ll be lounging on the subway or eating dinner and it floats back up to the surface. One of my passions is software-based art and while I can find some sources that address cyber security in regards to archives, I haven’t seen the same level of discussion within museum circles.

Ransomware is a type of malware that demands a ransom payment to regain access to infected files. Early ransomware was often aimed at individuals, but the networks of businesses are increasingly being targeted. Businesses with sensitive or valuable data such as law firms, hospitals, and accounting firms are more likely to be targeted and many of these companies are paying the ransom. For example, in February Hollywood Presbyterian Medical Center in Los Angeles paid a ransom of $17,000. 

Source.

Museums develop emergency preparedness plans with the goal of avoiding or mitigating any damage to the collection should a disaster occur. Most commonly these plans tackle floods, earthquakes, and other natural disasters, but any threat to the museum's collection should be tackled, which would include cyber crime for some institutions.

Often when talking about cyber security, the predictions of mayhem can be vastly blown out of proportions. I want to be explicitly clear that I have not yet encountered a case where a museum has been infected by ransomware. That being said, it would be proactive to consider cybercrime next time you make your emergency preparedness plan. This is one of my on-going research questions, but here are some suggestions to get the ball rolling:

1. Employ Preventative Measures 

Make sure your anti-virus, browser, and plug-ins are up to date. Backing up your data is essential, but there are instances of ransomware lying dormant for long periods which allows it to infiltrate backed up files as well. Ideally, you should consult with an expert to make sure you have backup architecture suitable to your needs.

2. Assess the Risk of Ransomware to your Museum

Each museum will have different areas of risk. Having a good understanding of your institution’s vulnerabilities let’s decision makers better manage your options. You might consider the following factors:
  • - Are there items in your collection that only exist in digital form?
  • - How secure is your backup architecture? 
  • - Is there a way to recover data if all digital copies were compromised? For example, if you have a paper copy of your collections records then the information could be recovered even if your backups were compromised. 
  • - How much time and/or labour it would take to recover your files? 
  • - Would your insurance cover these costs? 

3. Add Cyber Security Experts to your List of Emergency Contacts

Most emergency preparedness plans will incorporate a list of contact numbers. Make sure you have identified a couple people who could do a forensic examination to determine the magnitude of the situation.

4. Decide in Advance if you would Consider Paying the Ransom

It is a good idea to devote the proper time and energy into evaluating your options and tensions can run high after a network has been infected. If you would consider paying the ransom, put a ballpark on how much you’d be willing to pay. Transferring dollars into bitcoins can take time so make sure you know how long the process would take and plan accordingly. Radiolab has a great podcast titled "Darkode" that details the problems one individual had paying the ransom.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.