Ransomware Overview for the Business Executive

Imagine this. Your computer has just been hacked by a malicious virus—one that you’ve never encountered before. This hack restricts access to your files indefinitely, and it imposes disturbing messages or images onto your screen. You are locked out of your own computer.

That is, your computer is held hostage, and you are told to pay a ransom, or else your computer stays locked.

Yes, you’ve received a modern remake of a ransom note.

Moreover, this scenario is not the work of just any old malware but of the new, and frighteningly more common, Ransomware. Do you know what to do if your computer is attacked? If not, you need to inform and prepare yourself. Since hackers can make significant money leveraging Ransomware attacks, your risk of exposure increases over time.

What exactly is Ransomware?

Ransomware, a new type of malware, enters your system through a downloaded file or a vulnerability in a network service. Once inside your computer, it quickly denies you access to any of the data on your computer. Then, you are sent a notification demanding ransom in exchange for a passcode to unlock your data. Oftentimes, the ransom note seems to originate from a legal authority, stating that illegal content has been found on your system. The message is typically followed by instructions on how to make an electronic payment. A notorious example is the WinLock Ransomware of Russia in 2010, where impacted users paid a total of USD $16 million to hackers in order to regain access to their data.

How could it affect you?

Ransomware can negatively impact you in numerous ways, including:

  1. Loss of critical data

    Businesses need to have access to their data at all times. As a result, when Ransomware hits your business, the damage is profound. When you cannot access your data, the vitality of your business is severely affected. Failing to act in the appropriate manner can, and almost always does, lead to the loss of your critical data.

  2. Expenses incurred

    The ultimate goal of Ransomware is to extort money from you. Once it attacks your system, you are sure to incur damage costs. The ransom amount will vary but typically is not very high. The reason for this is that the hackers know your alternative is to have your IT staff (or a security professional that you hire) attempt to decrypt your data and thereby retrieve it. The hackers’ goal is to set the ransom at an amount that will cause you to say “it is cheaper and quicker just to pay the money.” No matter which alternative you select, it will cost you money.

  3. Experience downtime

    When you are unable to access the data stored on your systems, your business’s necessary functions are stalled. In fact, it is estimated that the downtime faced during a Ransomware attack is more expensive and damaging to the business than the attack itself.

What can you do?

Let’s take a look at what you can do to ensure that your business remains free from Ransomware attacks:

  1. Back up your data regularly

    Maintaining offline backups of your data is critical to coming out of a Ransomware attack as unscathed as possible. Your system does keep backups of data, but you cannot expect to be able to retrieve them and continue working. Modern Ransomware deletes all system backups of your data, making it impossible for you to restore to a previous backup point.

  2. Keep your email servers clean

    Emails were, are, and most likely will remain the most common way to spread malware like Ransomware. Therefore, you should always authenticate emails coming into your server to ensure that they are coming from legitimate sources. You should also regularly scan all incoming, outgoing, and stored messages, because a trusted source that has itself been attacked might be used to send you Ransomware.

  3. Have a security team in place

    It is better to have the services of professionals in the field to help you minimize the damage during a Ransomware attack. Time is of the essence during a Ransomware attack, and you don’t want to be wasting it searching the web about what Ransomware is and what to do when it hits you.

  4. Awareness and updating

    Knowing is half the battle. Always be up to date with the latest news on Ransomware and how to stay ahead of the game. Spread the knowledge among your employees as well and instruct them about simple things like not opening suspicious emails. Also, always update your system and all anti-virus or anti-malware software you have on hand because the updates contain vital patches to fend off Ransomware attacks.

  5. Pay the ransom

    Sometimes, when the value of the encrypted data is just too much to be lost for even a short while, the only option left for you is to pay the ransom. Special cases like Ransomware attacks on police networks or hospitals fall in this bracket. Hollywood Presbyterian Medical Center in Los Angeles paying $17,000 in ransom is one such case, where the ransom just had to be paid. Almost everyone advises against this, but when the data is as vital as hospital records of close to 5 million patients, then paying the ransom is the only option.

Industry experts believe that Ransomware attacks will continue to grow, since they represent an easy source of money for hackers. Assured Technology works with companies to put a sound security plan in place to guard against Ransomware and other types of attacks from hackers.