With ransomware wreaking havoc within corporate human resources departments, new ways to deal with data theft are rapidly emerging. But while some solutions are complex and costly, others are surprisingly simple.

In an article on the topic in CSO Online, Brian Nesmith, CEO of Sunnyvale, California-based cybersecurity company Arctic Wolf Networks, suggests that human resources departments set up a dedicated workstation for receiving and viewing resumes and similar documents, which data thieves have chosen as Trojan horses for ransomware.

Nesmith notes that the thieves have targeted HR because it shares data with other departments, such as finance, and also connects with parties outside its own organization. Once it penetrates HR disguised as an innocent-looking job response, the ransomware can spread throughout HR's network.

"Ransomware is a little different [than other hacking methods] because with most attempts to penetrate, you want to compromise the device and be fairly quiet," he says. "Ransomware, once in, moves aggressively. HR is the perfect world for ransomware. It infects one device and thirty others get infected."

Because HR personnel tend to be less IT-literate than those in other departments, they're not great at spotting the intruder until it's too late. To create a defense, Nesmith recommends close monitoring of the network, training those in the department to be on the lookout for an intruder, and setting up a separate workstation to which potentially threatening documents are sent and on which they are viewed.

Nesmith says the key isn't to segment HR's entire system from the rest of the organization's system, but rather to protect the rest of the organization by ensuring certain documents and communications are managed outside the network.

"Segmenting is not going to protect the device itself. They need to open the files in a cloud environment where they can set it up to not infect anything else," Nesmith says.

By moving all such data directly to a cloud platform, HR can still do its work without having to worry about exposing key information to penetration by ransomware.

Dan Cook

Dan Cook is a journalist and communications consultant based in Portland, OR. During his journalism career he has been a reporter and editor for a variety of media companies, including American Lawyer Media, BusinessWeek, Newhouse Newspapers, Knight-Ridder, Time Inc., and Reuters. He specializes in health care and insurance-related coverage for BenefitsPRO.