Everyone knows or has heard all those terms that strike fear in our hearts including viruses, hackers, trojan emails, phishers, and now ransomware which seems more prevalent than ever. Ransomware attacks on companies are exploding and according to the CSO are expected to exceed $11 billion in 2019, that is with a "B". Unfortunately this is largely because companies that have been 'ransomed' are willing to pay the 'recovery' fees versus letting customers become aware they have been hacked.
What is Ransomware?
Ransomware continues to dominate conversations about cyber security. Ransomware is simply a form of malware that seeks out and locks down critical data. In order to unlock your data, you must pay the bad guys or hackers, usually in the form of “bitcoin” currency. (Bitcoin is a web-based currency or crypto currency, popular with hackers and other cyber criminals that relies on blockchain for anonymous payments.) Here cyber security columnist Josh Fruhlinger shares a definition of what ransomware is and how the hacker gets your money:
Ransomware is a form of malicious software (or malware) that, once it's taken over your computer, threatens you with harm, usually by denying you access to your data. The attacker demands a ransom from the victim, promising — not always truthfully — to restore access to the data upon payment."
Josh Fruhlinger, Cyber Security Expert
Ransomware is Everywhere
You’ve probably seen or heard of companies from Equifax to eBay, Home Depot and Yahoo, Target to Sony, Uber, and even RSA, a cyber security firm being mentioned in the news in relation to cyber security attacks. The omnipotence of cyber security has touched our lives from personal to professional, even political as we hear how the Russians have attempted to manipulate our Presidential elections. We all know this stuff is bad but it’s also shadowy and obscure. Is there anything we can do to protect ourselves and our businesses?
Who Creates Ransomware and Why?
The cyber world is full of shadowy folks with different motivations and different classifications of hacking like script kiddies to hacktivists but know this: The era of a teenager computer geek, drinking energy drinks and hammering out malicious code in the basement of their parent’s home is over. Ransomware is about criminals making money, lots of money.
Ransomware is big business and whether it’s nation-state-sponsored or organized crime the bad guys are capitalizing on it. There is no sign of it slowing down. To make matters worse, businesses are reluctant to make a ransomware attack public for fear of damage to their brand and decreased shareholder value.
How Does Ransomware Get Into My Business?
Different methods are used by attackers to deliver ransomware to your computers, servers, and network. Regardless of the delivery, be it phishing, botnet, infected thumb drives, malicious websites or “free” software, the ransomware ultimately seeks out and locks down your data and the attacker ransoms it back to you. So, whether it’s a simple deception that tricks you into divulging confidential information or you are the victim of malicious advertising, ransomware can be costly and business disruptive.
How to Protect Against Ransomware
One of the first steps in defending against ransomware is easier than you may realize. Begin by working on company culture; Educate everyone, from the CEO, to sales, to anyone that uses the company network, on the fundamentals of cyber security.
Best practices for protecting against ransomware include:
- Never click on any email link or file you do not expect or seems out of place.
- Pay attention to the 'from' email address. Is it the real thing or something similar? An example is email@example.com versus firstname.lastname@example.org.
- Keep antivirus and browsing security software updated.
- Avoid the use of flash drives, if possible.
- Never download a file without completing a security scan first.
Next, understand all assets you have under management – protect all endpoints and devices, then develop a plan of action you will take in the event you are breached. Don’t wait until you are a victim of ransomware to craft your response.
Ransomware Checklist for Businesses
- All data updated and patched.
- Data is backed up locally and off-site.
- A full business-class antivirus tool set is in place with auto updates.
- An ICSA certified firewall.
- Managing rogue endpoints.
- Adhere to strict BYOD
The security of the network, data, and customer financial records must be the number one priority of every business. Without a comprehensive strategy, the risk of lawsuits, loss of revenue, and ultimately loss of customer trust may result. Cyber security is vital to businesses and ransomware is on the rise with more sophisticated vectors or methods of attack. An ounce of prevention is definitely worth a pound of cure or better put, an investment with the good guys today is better than ransom paid to the criminals tomorrow.
Ron Lenox is a veteran of the cyber security field and advocate for protecting business client’s networks and information assets. Ron enjoys traveling, college sports and various outdoor activities with family and friends. Wildlife photography is a special passion of Ron's when he is not busy preparing a great steak on the grill.