You’ve read about Ransomware in the news. International cyber criminals are like prowling lions hunting for vulnerable businesses to extort. The ransomware threat is real. It’s becoming more common for local companies to get hit. We’ve helped a few of our customers recover from ransomware attacks. The violation, recovery cost, and work interruption is not something you want to deal with.
With a minimum of geek speak, this post will educate you about prudent steps you can take to protect your business from ransomware.
Cybercriminals use three tools to extort money from businesses:
- An unaware person that helps them penetrate network security
- Malicious software called ransomware that destroys company data
- An untraceable, non-government backed currency called Bitcoin.
There are many ways criminals try to hack your network. Most of the time they gain access because an unaware person simply lets them in. Modern firewalls and virus protection work well. Most of us run similar stuff because there are only a handful of security product manufacturers. Manufacturers quickly deploy updates when they become aware of new threats. We collectively benefit from better protection. But cybercriminals are smart — they’ve learned how to completely bypass firewalls and antivirus software instead of hacking them. They do it by embedding their tools in emails and websites that appear to be legitimate.
For example, I received an email from my cell phone provider, AT&T. They were asking for an update of my PIN and social security number. I immediately deleted it because AT&T had no business asking me for this information. They already had it. The threat got through my state of the art Google email security and Cisco network firewall. It fooled them because it was disguised as a legitimate message from AT&T.
Every day your team is bombarded with well disguised threats. It’s imperative that you educate your team to be on the lookout for them. It only takes one click on a bad link to allow criminals to bypass even the best network security.
An unaware coworker clicking a bad link causes ransomware to be installed. Ransomware destroys your business data by encrypting files. Encryption scrambles data using complex mathematical equations that can only be solved by having the key to unlock them. It’s too late to do anything once you notice that you can’t access your files. Cybercriminals don’t steal your data, they scramble it to prevent you from accessing it.
The ransomware encryption spreads to any hard drive or server connected to the first infected computer. Within hours all of your network data can be destroyed. This includes your attached backup drives. (FYI, you should always have a recent backup that’s not attached to your network.)
There is no way to unlock these encrypted files unless you have the key.
This is when cybercriminals extort businesses. A message pops up asking for a “ransom” to be paid in Bitcoin. Bitcoin is an untraceable digital currency not backed by any government. It was designed to allow people to conduct “business” free of the restrictions of geography or government oversight. In April 2016, 1 Bitcoin exchanges for around $400 USD. We’ve seen ransoms run from ½ bitcoin ($200USD) on to tens of bitcoins ($10K or more USD)
Business leaders hit by ransomware are forced to make a difficult financial and moral decision. Cyber criminals are smart. They examine the encrypted data to set a plausible ransom price. They understand that “customers” will not buy the key if the price is too high. They also know that law enforcement is of little help. Most businesses are not eager to file a public police report about how they’ve been hacked.
Your options after a ransomware attack are not good:
- Pay your IT team to restore from backup IF you have one and IF it was not destroyed in the crime. (FYI, the restore process overwrites any evidence of the crime.)
- Do business with international criminals (indirectly supporting God knows what) by paying the Bitcoin ransom
I don’t like those options. I’m sure you do not like them either.
Now there is a better option…
TechKnowledgey, Inc.’s Network Security as a Serivce allows your business experience the benefits of connected growth while protecting you, your team, and your data from the threats of being online. We’ve tested it against real world threats. We can’t protect you from everything international criminals may think up, but you should strongly consider this option. Ransomware protection is not provided by your typical antivirus software.
Take the next step to protect your business. We’re always here to help if you get hit, but we would rather give you an option to better protect your business. Ransomware is 2016’s #1 threat to your business data. Clicking one bad link can cost you a bundle. If our Network Security as a Service protects you even once… it has more than paid for itself.