Ransomware is arguably the most notorious malware these days. It has crippled countless systems across organizations. One of the most recent ransomware attacks managed to briefly paralyze the office of California State Senator Bob Hertzberg, who happens to be the author of the bill crafted to outlaw this same menace.
In this post, we talk about what ransomware is, how it threatens your business, and what you can do to protect your digital assets from it.
What is Ransomware?
Ransomware is a type of malware whose main characteristics involve locking up files or even entire computer systems and demanding ransom. In most cases, this malware uses encryption as the locking mechanism while requiring electronic methods such as bitcoin, Ukash, or Money Pack for the ransom payment.
End users whose systems have been infected mostly acquire the malware through malicious email attachments, online advertisements, pirated software, or—as was likely the case in the incident involving Senator Hertzberg’s files—targeted attacks.
Cyber criminals are making a killing carrying out ransomware attacks because most victims pay. Ransomware campaigns are low cost and offer a good return on investment. A far majority of malware dropped by exploit kits (tools used by cyber crooks to automatically find vulnerabilities in computers and drop malicious software) are ransomware.
Some of the biggest names in the ransomware family include: CryptoLocker, Reveton, CrypoWall, and CryptXXX.
Why Ransomware is a Threat to your Business
Among the major problems ransomware attacks cause, an expensive ransom payment is probably the one that hits hardest. Take Hollywood Presbyterian Medical Center as an example. The Los Angeles hospital that got hit by ransomware and the ransom demand was tagged at 9,000 bitcoins or an astounding $3.6 million.
The cyber criminals responsible for that ransomware settled for 40 bitcoins or $17,000, but just imagine how much more the loss would have been if negotiations hadn’t fallen through.
Another major problem of a ransomware attack is the downtime. If the files that get locked up contain the only copies of your business-critical data, you could experience some serious downtimes. This could lead to delayed deliverables, lost opportunities, and a lot of irate customers and trading partners. Unless you’re able to unlock those files, those downtimes can quickly translate to financial losses.
When your downtime stretches, your problems grow exponentially. The incident could cause irreparable damage to your company’s reputation, significantly reducing your appeal to potential customers, and could ultimately drive your customers away.
Protecting Data Against Ransomware
Most ransomware can be detected and destroyed by antivirus software, but there are exceptions. Some ransomware are equipped with excellent evasion features that allow them to enter systems, connect with their command-and-control servers, and encrypt files before they’re discovered.
One way to defend your business against ransomware is to educate your employees about their existence, how they infect and operate, and the best practices for countering them. Simple actions like confirming whether an alleged email sender actually sent an email, avoiding pirated software, and reporting suspicious email attachments, can go a long way in preventing a ransomware infection.
Another effective countermeasure is keeping backups of your data. Keep in mind that certain malware stays dormant for some time before activating, so some backups could already be contaminated. We recommend having a backup system that allows you to return to previous backup points, such as before the attack. Some ransomware are capable of seeking out attached or connected storage systems, so make sure your backups are detached from your system.
Want to know more about how we can help you mitigate ransomware attacks? Contact us now.
BRITECITY is an Orange County IT Services firm supporting local businesses in the area of Managed IT Services, Cyber Security, Cloud Services and Strategic IT.