Despite how widespread these attacks have been in recent years, the issue of ransomware remains rather mysterious to most people. Obviously, the criminals behind ransomware attacks don’t want to draw too much attention to themselves. But the victims of the attacks also want to stay out of the spotlight in most cases. Why is that?
- They don’t want the public to think that their data has been compromised
- They don’t want shareholders, competitors, or customers to know they’ve taken a hit
- They don’t want to reveal their vulnerabilities to other hackers
This makes it difficult for many people to fully appreciate the scale and immediacy of the threat posed by ransomware. It can lull businesses – especially smaller ones – into a false sense of security. It makes ransomware seem like something that happens to other people, other businesses.
In fact, ransomware can strike anyone. And if you’ve done nothing to prevent an attack, you’re a sitting duck.
The good news is that there are steps you can take to prevent an attack. You can also have a plan in place that prepares you to respond to an attack if one occurs. This article will answer everything you need to know about ransomware and the steps your business should take to be ready.
What is ransomware?
Let’s start with the basics. Ransomware is a virus that infects your computer or mobile device. It encrypts your files and locks you out so that you can’t open anything. Ransomware may lock you out of your entire operating system so that you can’t even boot up.
Once the encryption is in place and you’re locked out, you’ll get a message demanding payment – literally a ransom – to regain access. Typically, payment will be demanded within 24 hours, after which the amount of the ransom will continue to escalate significantly. The ransom message will require payment to be made in Bitcoin, which (if the program creator is thoughtful enough) can be extremely difficult to trace. These transactions can be devised to be so complex as to seem untraceable.
Theoretically, once you’ve made the payment, the hacker will send you a decryption code that will unlock your files. But – surprise, surprise – criminals don’t always live up to their word. So even if you pay the ransom, you may not get your files unlocked. Which means…
Don’t pay the ransom demand if your business is attacked by ransomware! Ever!
It probably won’t get your files back, and you’ll just be funding a criminal enterprise. Instead, call in IT experts like BDK to help restore as much of your data as possible. It’s better to invest your money in IT experts to fix the issue rather than spending it trying to regain access to your system. Paying the ransom also doesn’t do anything to protect you from future attacks. In fact, once you’ve paid, you’ve established yourself as a good target for future attacks.
You will be much better off if you bring in an experienced IT or cybersecurity firm to help you out. Not only can they help decrypt and/or restore most (if not all) of your files, they can put measures in place to protect you going forward.
Prime Targets for Ransomware Attacks
The creators of ransomware attacks are savvy, and they often have specific types of targets in mind. These include:
- Businesses that have multiple employees connected through a network, which allows the attack to spread
- Business units that are networked with a larger parent company or conglomerate
- Public institutions, which have often neglected security and technology updates due to budget cuts
- Anyone who has paid a ransom in the past
These certainly aren’t the only types of organizations that are targeted. Even individuals are vulnerable. But due to their deeper pockets and larger networks, businesses and public institutions need to be particularly concerned about ransomware.
How Ransomware Gets in Your Network
It’s important to understand how easily you can fall victim to ransomware in the first place. Many of the most vicious and widespread versions of ransomware get past antivirus software undetected.
These are the most common ways ransomware infiltrates your network:
- An employee clicks a malicious links in spam email
- An employee is redirected from a legitimate website to a malicious one
- An employee is on a legitimate website, but the site has been attacked with malicious code
- Your network falls victim to a “drive-by download” (a virus is programmed to find vulnerabilities in your software and take control of a program)
- An employee clicks on an ad hiding malicious links
- An employee clicks on a malicious link in a text message (a particular concern for Android devices)
The last item on this list isn’t as much about preventing an attack as it is ensuring you’re prepared to respond to one. The reality is that ransomware is ever changing, so you’re always vulnerable to attack even if you’ve done everything right. That’s why every organization needs a solid high availability and disaster recovery plan in place before disaster actually strikes.
What to do if Your Business is a Victim of Ransomware
Again, the first rule of responding to a ransomware attack is don’t pay the ransom!! Trust us, it may seem like an easy and quick fix, but you’re probably throwing your money away and you are certainly inviting more trouble in the future.
If an attack has happened, call your IT or cybersecurity firm immediately. They will try various decryption tools that have been developed to combat ransomware. They will also go through your entire network to make sure every last trace of malicious software and code has been eliminated. Finally, your IT firm will restore your data from offsite backups, significantly minimizing your losses.
We Can Help
We love helping our clients be proactive in their security planning. This truly is a situation where “an ounce of prevention is worth a pound of cure.” If you’d like to explore your options when it comes to preventing ransomware attacks, contact us and we’ll set up some time to chat.