22 Jun The Rise of Ransomware and What it Means for Your Business
Ransomware is one of the fastest growing threats for businesses across the world, and often, small and medium-sized businesses face the greatest risk.
In the last year alone, ransomware threats have exploded, increasing alarm all the way from security professionals to company owners worried about the integrity of sensitive company data.
In order to respond appropriately to the threat of ransomware for your own business, you need to understand exactly what it is and how to achieve ransomware prevention and removal.
What Is Ransomware?
Ransomware is a form of malware that encrypts your computer’s digital files and then demands a ransom to decrypt the data so you can regain access. It’s essentially a form of electronic blackmail. In some cases, entire networks have been encrypted, leaving businesses and organizations completely locked out of vital data. The problem has recently grown so bad that security researchers have dubbed 2016 “the year of ransomware,” leading major security organizations like Symantec to issue urgent warnings about ransomware’s unique threat.
In general, a message will appear demanding you pay the ransom with a crypto-currency, such as BitCoin, to unlock the files. The reason why hackers want you to pay in BitCoin is to ensure that the transaction is untraceable and anonymous.
The encryption is usually military-grade encryption, meaning there’s almost no way to gain access to your files without the right passkey. Most types of ransomware will even start to double the price of the ransom if you don’t pay by certain deadlines.
How You’re Infected
In general, computer networks are infected with ransomware when an individual downloads an attachment infected with the malware. Often, the e-mail attachment is disguised as an invoice or shipping receipt, which is something your employees may open on a regular basis.
A Growing Threat To Businesses And Organizations
US and Canadian law enforcement authorities have described Ransomware as an “epidemic.” In fact, in 2015, companies paid out an estimated $325 million due to ransomware attacks.
In 2016, the FBI released a report that outlined how ransomware is a growing threat, which has rapidly increased in the last year. The report notes that nearly every kind of business and organization has been affected, including school districts, church organizations, law enforcement agencies, government agencies, small businesses, corporations and even hospitals.
Examples of ransomware hitting companies have been making headlines across the world. For example, Hollywood Presbyterian Medical Center in California ended up having to pay $17,000 worth of BitCoins after ransomware brought this medical facility to a grinding halt.
Effective Ransomware Prevention And Removal
In most cases, it’s nearly impossible to decrypt your digital files without the right passkey. As a result, the best defense is implementing an effective offense with ransomware prevention and removal.
Here are a few ways a managed IT outsourcing service provider can help you ensure complete IT security:
- Secure Backups – Backups are perhaps the single most effective means for dealing with ransomware. Even if your system is infected with ransomware, regular and consistent backups mean you can simply restore your system with all the data you had before the attack happened. It’s extremely important to ensure these backups aren’t connected to your network; otherwise, your backups will also be vulnerable to ransomware infection.
- Make Email Safer – Anti-virus and malware screening applications need to be implemented across your email system and regularly updated to screen for emails that may contain ransomware. You should also disable all macro scripts from running on emails, as this can help prevent ransomware. At the same time, employees need training about how to spot ransomware and understand this unique threat.
- Use Whitelisting – Whitelisting isn’t always easy to implement, but it basically means you only authorize specific programs to run on your system. This prevents ransomware malware from ever spreading on your network in the first place. However, complications can arise from this strategy as your business may have literally thousands of programs that need to be whitelisted. It may also hinder employees from using new applications unless they’re approved by administrators.
Here is some bad news, and it underlines why ransomware prevention is so important. If your system is infected and you have no backup of your data, it’s extremely difficult to gain access to your files.
Even top law enforcement agencies have struggled to deal with organizations suffering from ransomware, and in some instances have privately recommended paying the ransom simply due to a lack of options. That being said, the official response from the FBI and many other law enforcement institutions is that you shouldn’t pay the ransom. There have been circumstances where the ransom has been paid and the passkey has never been delivered. On top of that, paying the ransom only encourages cyber terrorists to continue their behavior.
The threat of ransomware ultimately underlines why preventative measures like secure backups are highly necessary along with business continuity plans in the case that you’re infected with ransomware. Ultimately, the threat of ransomware is not going away anytime soon, and will likely grow over the coming years.