The Rise of RansomwareMarch 7th, 2017 | By
The frequency of ransomware attacks has sharply increased since 2010. It started with a few attacks you would read about online. You then started hearing about it on the news, and now it is, unfortunately, commonplace. You may even know a local business who has suffered from it.
What is Ransomware?
Ransomware is a malicious piece of code dropped on a machine through a variety of different entry points at which point that code spreads throughout the system and starts encrypting files. Once the desired fields are encrypted, it drops an HTML file on your desktop with a message like this:
In other words, a hacker gets access to your computer, encrypts your files, and forces you to pay them. They will require the payment be made in bitcoin. The hackers generally get access to your computer through some form of phishing. This is when hackers send you an email that seems to be from a trustworthy source (UPS, for example) encouraging you to click a link. This link, however, contains malicious code that can then be used to steal passwords, see credit card details, or, in this case, encrypt your files.
Who Is Vulnerable to Ransomware?
Every company is vulnerable to ransomware attacks, but some companies are more frequently targeted. Any company with sensitive and valuable data, such as a law firm or doctor’s office, are more frequently attacked. The main reason is because they cannot function without their data and are therefore willing to pay more to get them back. To these companies, losing certain information can mean they will have to shut down. A donut shop, on the other hand, doesn’t have as many documents that they truly can’t do without.
Hackers are smart about not only who they attack, but how much they ask for. They know how valuable documents are to each business and ask for an amount the business can pay without going out of business. If the hacker asked for so much money that the company would be put out of business, they wouldn’t pay.
Why is Ransomware on the Rise?
Ransomware exists because people pay. If no one paid when their files were taken ransom, then the hackers would stop the attacks as it’s not profitable. It is just like taking anything else for ransom. Unfortunately, companies do pay. Some companies frankly have no choice in the matter. If your business has no backups in place, it is incredibly difficult if not impossible to get that data back otherwise. Estimates show that in the first 3 months of 2016 ransomware attacks cost businesses $209 million. This is not taking into account the businesses that paid without reporting the crime. With these kind of profits, it is unlikely that these hackers will stop anytime soon.
How do I Protect My Company?
Paying the ransom isn’t the only way to keep your data. The best strategy is to minimize your vulnerability to an attack in the first place and to have a plan in place in case your business does get attacked.
There are many ways to protect your business from the attacks like firewalls and anti-spam software. One of the best methods, however, is also one of the simplest: a great IT policy.
Human error is the weakest point in your IT security.
Phishing emails, for example, are very hard to spot. There are things to look for, but it is essential that you have an IT policy in place that is followed meticulously. Anything less leaves you very vulnerable to an attack. All the security software you have cannot protect your business from a careless employee.
Even with great security software and security-conscious employees, you can never be 100% secure. Hackers are constantly coming up with manipulative and clever ways to get access to your files. Luckily, if you have backups then you are still secure. By “backups”, I don’t just mean you have your file drive duplicated on the drive. To fully protect yourself, a full disk image backup is necessary. Something that can back up an entire server instance. Tools like Veeam accomplish this and can have your encrypted files recovered in as little as an hour depending on the size of your files.
Unfortunately, doing all of this well is very difficult and requires a very in-depth understanding of cyber security and your businesses IT infrastructure. You can’t protect yourself alone. This is where companies like Swift Systems come in. They offer managed IT services at a fixed monthly cost providing you with everything from traditional IT support to ransomware protection. Swift keeps your systems up and running efficiently while maintaining the systems necessary to protect you from ransomware. Give Swift a call to see how they can protect you from a ransomware attack.