It isn’t any surprise that ransomware attacks increase in number every month given how simple it is to attack a company. A recent study by McAfee Labs identified more than 4 million samples of ransomware in Q2 of 2015. Ransomware will remain a major and rapidly growing threat in 2016 with new variants and success of the “ransomware-as-a-service” business model.
Here are some of the ways computers and mobile devices can be infected:
- Links in emails or messages in social networks— In this type of attack, the victim clicks a malicious link in an email attachment or a message on a social networking site. Email is the most common method for distributing ransomware.
- Pay per install— This popular method attacks computers that are already part of a botnet (a group of infected computers under the control of criminals called botmasters) — further infecting them with additional malware. Bot herders, criminals who look for security vulnerabilities, are paid to find these opportunities.
- Drive-by downloads— This form of ransomware is installed when a victim clicks on a compromised website. In particular, users of some streaming video portals have been hit.
Most ransomware uses the AES algorithm to encrypt files. To decrypt files, hackers typically request payment in the form of Bitcoins or alternate online payment voucher services. Typically, the ransom is paid through Bitcoin, and it can range from $300 US dollars for small operations and up into the tens of thousands of dollars for hospitals and other large corporations. To avoid compliance penalties for data breaches, organizations typically take the hit and pay the ransom. Thankfully, your data doesn’t have to be vulnerable to such attacks. Without a lot of difficulty, you can protect yourself and your business from ransomware criminals by following these three key steps.
Step 1: User Awareness
Knowledge is the real key to avoiding an attack. Basic security training for your staff is a must and should highlight what phishing is, how ransomware attackers infect systems, and the impact to your business in the event of data loss. Malware can come in many forms, including phishing emails, social media attacks, and in rare cases, an infected Microsoft office documents received. Training needs to occur at least twice a year so that it sinks in, and security should be something all employees are responsible for, not just those who work in IT.
Step 2: Plan for an Attack
Having an up-to-date antivirus program and patching your computer are crucial steps for any business. NeXT Generation Firewall with web filtering is a must. It’s not a matter of whether your network gets affected — it’s a matter of when.
Step 3: Back up Your Data
This is a crucial step. If you back up your data on a regular basis, you can simply restore your company data if your company network is attacked. With data protection solutions from Kloudfyre, snap-shots of the system is taken as frequently as every 5 minutes to create a series of recovery points in time combined with a hybrid local and cloud backup technology.
When it comes to the threat of ransomware, the benefits of a data protection solution are three-fold:
- Your business will never need to pay hackers ransom to get critical data back.
- Your business will avoid data loss – from ransomware or other – since backups are taken frequently and can be restored quickly. Finally, make sure customers understand the need for an additional layer of business protection in the not-so-rare case that ransomware does make it through the front lines of defense. Sometimes even with these proactive security measures, breaches still occur. That’s where a backup and recovery solution comes in.
- Your business won’t experience significant downtime (since users can access critical data and applications while primary systems are being restored)
Many victims do not know what they should do aside from removing the infection from their computer. The FBI’s Internet Crime Complaint Center suggests victims:
- File a complaint at the FBI’s Internet Crime Complaint Center (IC3).
- Keep operating systems and legitimate antivirus and antispyware software updated.
Ransomware is a scary thing, and having your data encrypted and deleted or stolen and released on the internet can take your business down. The steps outlined above can protect you, but partnering with a security professional is another great idea. Business continuity experts can provide a solid data protection platform and also perform forensic services to trace the origin of an attack. Measure the cost of proactive protection against the cost of ransom — you are always better off being prepared than becoming a victim.