Ransomware is a when cybercriminals kidnap your data (via encryption) and then demand money so that you can decrypt your own data. It sounds scary and it certainly is! Here are the top seven things you need to know about ransomware.
#1 It Can Happen to You
Cybercriminals rely on people’s false confidence. Don’t think “it won’t happen to me.” Yet organizations of all types and sizes are targeted. Governments, educational institutions, healthcare providers, financial institutions and all sorts of small businesses have been hit.
#2 Ransomware Spreads Fast
Ransomware is malware (malicious software) that can spread quickly and easily throughout your network. So, if someone in accounting opens a ransomware file, every single computer on your business network could be quickly infected. Remember the debilitating WannaCry ransomware attack of 2017 – within four days of its first detection in Europe, the strain had spread to 116 countries.
#3 Ransomware Targets People
A common method is for the attacker to get to know your business first. They then send an email impersonating a colleague, supplier or customer asking you to take action or update contact details by clicking on the link or downloading a file. If you are not carefull it is very easy to get tricked into clicking on the link that will infect you.
#4 Ransomware is Costly
Once the ransomware has infected your system, it locks down your files by encrypting all your data. To regain access to the files, you need a password or decryption key which the attacker will provide for a fee! Once you have paid the fee though the attacker may not supply the key or even demand more money – remember that these are crooks you are dealing with!
In Coveware’s analysis of Q3 2019, the average ransom payment increased by 13% to $41,198 as compared to $36,295 in Q2 of 2019. And that is just the cost of the ransom. Indirect costs include downtime, lost revenue and long-term brand damage. There is also the expense of removing the ransomware, forensic analysis, and rebuilding systems.
The average ransomware attack in Q3 2019 resulted in 12.1 days of downtime. – Coveware
#5 Ransom Requires Cryptocurrency
Ransom payment is usually made by bitcoin or another similar cryptocurrency. Your business needs to buy cryptocurrency with actual cash, then transmit the ransom to the bad guys. They choose cryptocurrency because it’s very difficult to track.
#6 A Recovery Plan Helps
Having a plan in place can help you respond more reasonably. Document plans to disconnect infected computers from the network as soon as possible and also power down any machines that could be vulnerable to avoid spreading contagion.
You should also plan in advance whether or not your business will pay a ransom. Weighing the costs and benefits without the stress of an actual attack can help you react more strategically if things do indeed go pear shaped sometime in the future.
#7 You Can Take Preventative Action
Don’t just sit around worrying and waiting for a ransomware attack. There are many things you can do to help prevent this type of attack:
- Filter traffic by using both hardware and software based firewalls. This can help prevent it from coming into your network in the first place. If an infection does get through, firewalls can also help prevent the malware talking back to its command control servers.
- Scan inbound emails for known threats and block certain attachment types.
- Use antivirus and anti-spam solutions.
- Regularly upgrade and patch your operating systems and software.
- Educate all users about social engineering.
- Allow remote access to your network only from secure virtual private networks.
- Back up your data to more than one location so that you can restore any impacted files from a known source.
Ransomware is a lucrative, relatively easy mode of attack for cybercriminals. They could target your business. If you are in Adelaide or South Australia contact DP Computing today for help implementing the best protection practices to help keep your data safe. Call us on 08 8326 4364 or su*****@dp*********.au.
Pingback: Are You Protected Against Leakware? | DP Computing's Blog