The latter recently happened to a colleague of ours with ransomware, something that shook us to our core and reminded us to revisit our security policies. Ransomware occurs through a phishing email or click ad on a website. Anyone in your organization can mindlessly be clicking something and put you in a world of trouble.
There are many kinds of ransomware. However, all of them have one thing in common: they prevent you from using your computer as you normally would, and require that you do something before you can use it normally again. A common type of ransomware essentially turns your system’s built-in encryption process against you by encoding your files and sending the encryption key back to the cyber thief who created the ransomware. The attacker then holds your files hostage until you pay the demanded “ransom,” which can be to the tune of hundreds of thousands, of dollars. Obviously, an attack like this can be crippling and devastating to a small business that must have its files in order to survive, but does not have the required “ransom” to buy them back.
This form of “data kidnapping” is on the rise, showing up at an alarming rate. In fact, according to Computer Crime and Intellectual Property Section (CCIPS), more than 4,000 ransomware attacks have occurred every day since January 2016, a 300% increase over 2015 when 1,000 ransomware attacks were seen per day.
These staggering numbers illustrate just how scary and real ransomware threats are, yet many of us don’t have systems in place to pre-emptively look ahead and proactively plan if it happens. Here are some of the common ways to be prepared for a ransomware attack:
As you may have noticed, the United Kingdom was recently hit with ransomware cyber attacks last week because updates (patches) already provided by Microsoft weren’t installed.
It seems crazy to think that something as simple as not running updates can cause something so detrimental, but that’s exactly what happened. Microsoft releases patches for known threats, but if people and companies fail to install them in a timely fashion, they’re much more likely to become victims of the attack.
So, take precaution and install software updates immediately and on a regular basis. Also, turn on auto-updaters if you have that option (you do in Microsoft), and run anti-virus software, too.
It may go without saying for some, but back up your important data on a daily basis. The best place to do so is in the cloud, the most secure, fastest and easiest way to protect all users.
If you back up on a desktop system, you’re more susceptible to being attacked. If you are using a local storage device or server to back up, make sure it’s offline and not directly connected to your desktop system, where the criminal thrives. Many people use network shares, where others can access important data. In this case, ensure backups are performed offline and unreachable from the infected machine. The same goes for your own machine backups on an external hard drive. Only connect those drives to a machine when doing backups, then immediately disconnect them when they’re done. And, make sure it’s encrypted!
While backing up your data doesn’t guarantee 100% prevention from ransomware, it does protect you from having to pay to get your data back.
A strong firewall and up-to-date security software are key to being prepared for a ransomware attack. At Sound Business Services, our go-to recommendation is Cisco Umbrella, which is located in the cloud and protects your team on a real-time basis. Although Cisco Umbrella cannot prevent ransomware attacks, it does prevent the criminal who sent you the ransomware from receiving the encryption key back, and thus, holding your files hostage.
It’s easier said than done, but we must try our best to make our team aware of what to do to prevent ransomware. Explain how it works and not to click links inside emails or visit sketchy websites. Moreover, if any of your team does get affected by ransomware, or even suspects that they might be, make sure they know how to respond and who to alert. Make sure they know to disconnect from the internet immediately so that more sensitive data isn’t in the hands of criminals. If data is backed up, you can re-install software, or take your computer to a repair shop.
Don’t Pay Up
Being prepared for a ransomware attack means not only ensuring that you don’t lose your companies files, but also that you don’t have to pay the costly ransom price. Paying ransom is not smart, and will often lead to more blackmail and deceit, in an effort to get you to pay more and more down the road. What you can do is alert authorities and work with them to find the best solution. Your local police may not be able to help, but the local FBI sure would.
Your Best Defense
Your best defense against ransomware is a strong offense. This includes proactively planning ahead to protect your information and keep criminals from breaking into your system in the first place.
If you would like to have a conversation about your system’s security and how to offensively be prepared for a ransomware attack, contact us today. Although we are still learning in the process, we would be happy to share what we have learned, as well as point you to some resources that have been a help to us. Hopefully, as a result, we can put the processes and strategies in place to fight, and ultimately defeat, this awful crime.