Ransomware and Your Business
Ransomware and Your Business
Why take the risk?
The Oxford Dictionary defines ransomware as “a type of malicious software designed to block access to a computer system until a sum of money is paid.” Through one means or another, an unwelcome program, virus or software agent loads onto your computer and acquires control of your machine. It encrypts files and locks you out, then demands a ransom – usually in bitcoins – before the malicious malware is removed or neutralized. Basically your computer data and ability to conduct business are held hostage until a ransom is paid.
Earlier this year the FBI issued a statement saying that acts of ransomware were on the upswing. In March of this year the tech publication CNET magazine’s headline stated “Ransomware is the hot hacking trend of 2016.”
Known by colorful and creative names such as Locky and CryptoWall, ransomware has been around for years, typically targeting computers running Windows operating systems. However, today ransomware pirates have found ways to infect Macintosh and mobile devices as well, making all connected devices susceptible to this form of digital larceny.
What is concerning authorities the most is the sharp increase in ransomware attacks against companies, government agencies, utilities and medical facilities. Earlier this year ransomware pirates held the critical computer systems of Presbyterian Medical Center hostage for three weeks until the hospital paid a $17,000 ransom.
“It was probably the last thing the Executive Director of a state-wide non-profit (name of the organization and of the personnel kept confidential) expected to hear one morning,” said Andrew Streetman, president of Vysion Technology Solutions, the IT Managed Services Provider. “They had been struck by ransomware named Locky that had made its way into their IT network via a link in an email an employee innocently opened,” added Streetman, “It immediately begun encrypting files and locking people out of the file system.” “However, because we had them prepared for security threats and had a recovery plan for such events, we were able to quickly isolate the issue and restore their system from backup, negating the problem… from discovery to recovery took under three hours.”
“Unfortunately,” said Streetman, “in the vast majority of cases, someone attacked this thoroughly would have few if any options other than to pay a ransom and hope that the pirates make good on their commitment to remove or neutralize the ransomware.”
In most cases the reason a company is victimized by ransomware and had to pay a ransom to regain control and use of their own computers and data, is that they didn’t have an active plan to combat this type of malware and virus in place before they were attacked. Streetman recommends that a plan include the following:
- Receiving automatic up-to-date antivirus and antimalware protection
- Receiving automatic patching for OS and browser software
- Use of strong passwords and pop-up blocker
- Educating system users on appropriate caution in opening unfamiliar email links, URL’s or attachments, and to recognize potential virus attacks
- Conducting regular workstation and server backups
- Utilize a three tier backup plan consisting of:
- Local/on-site backups (Hourly/Daily)
- Tape, disk or other hard media backups (Rotation: Weekly/Monthly/Quarterly/Annually)
- Cloud / Off-site backups (Weekly/Monthly/Quarterly/Annually)
In regard to backup planning Streetman adds, “having a multi-dimensional backup plan allows for protection from both latent and immediate threats against file data resources. In many cases, the corrupted or locked data may not be noticed or accessed for weeks or months or even years. Utilizing the First-In-First-Out or Grandfather-Father-Son rotation methodologies are best suited for long-term data recovery.”
Associations are great targets for ransomware pirates as they are typically critical parts of an industry or of a segment of society, yet operate as a not-for-profit on a shoestring budget, and therefore are frequently found with incomplete data and computer system security resources. “They don’t have to be such easy targets,” says Streetman, “A little planning and some basic system management will greatly reduce the risk you’ll ever have to pay a ransom to regain control of your own system.”
About Vysion Technology Solutions: VysionTech is an IT Managed Service Provider that provides businesses with highly efficient and cost-effective solutions to their IT needs, including 24×7 help desk, 24×7 monitoring and alerting, system and data backup and security, patching and version control, antivirus and antimalware protection, web hosting, Office 365, cloud storage and virtualization services. Contact Chelsea Umphrey at 614-321-9136 ext. 711.