Ransomware – Don’t Be the Next Victim

ransomware-bear

Ransomware is one of, if not THE, greatest threats facing small-to-midsize businesses today, and as ransomware continues to wreak havoc and catch headlines, it’s no wonder that IT teams are doubling down on protection against these debilitating attacks.

What is Ransomware?

Ransomware is a type of advanced malware attack that takes hold of a device, either locking the user out entirely or encrypting files so they cannot be used. This type of malware can infect your device in a variety of ways.
Whether downloaded from a malicious or compromised website, delivered as an attachment in a phishing email or dropped by exploit kits onto vulnerable systems, once executed the ransomware will either lock the computer or encrypt predetermined files. The attacker will then make themselves known with an “official” ransom demand, as well as thorough instructions and timelines on how to make a payment to regain your assets.

Phishing for Access

One of the most common methods of delivering ransomware is through a phishing email attack. These targeted emails are often written in a way that the unsuspecting users would never know that it wasn’t from a legitimate sender. They often contain a malicious link or download that grants the hacker passage to not just this device, but opens the door to your entire organization.

Spear-phishing is a more sophisticated targeted attempt to steal sensitive information from a specific victim for malicious reasons. This is achieved by acquiring personal details on the victim such as their friends, hometown, employer, locations they frequent, and what they have recently bought online.

The attackers then disguise themselves as a trustworthy friend or entity to acquire sensitive information, typically through email or other online messaging. This is the most successful form of acquiring confidential information on the internet, accounting for 91% of attacks.

Breaking into the Den

Email is the #1 ransomware delivery method

  • 31% through an email link
  • 28% via an email attachment
  • 24% through a website or web application

And the associated costs are soaring – the ransom demands (should you choose to pay) have increased from $294 in 2015 to an estimated average of $13,000 per attack in 2019. And there are no guarantees that paying the ransom will result in you regaining access to your files.

How to protect yourself

It’s agreed by all security experts that prevention is the best cure … there are commonsense measures that you should be sure you & your staff are aware of.

  • Invest in quality cyber security. This not only means a recognized Anti-Virus (our current recommendation is Kaspersky – but be sure to search for a good price) but also some form of real-time protection (For this Malwarebytes is by far our ‘turn-to’ resource)
  • Keep your Operating Systems & Software updated.
    Whilst the monthly reboot that updating Windows requires can be annoying, it is a small annoyance compared to losing access to all files on you computer or network
  • Make Backups … We can’t stress the importance of this enough. Use the rule of Three – If you don’t have 3 copies of your data on different media & different places then you don’t value it.
    Cloud storage has become very cheap & offers encryption & multi-factor authentication to ensure that your offline data is secure.
    USB Storage is also effective & affordable – as long as you do not have them physically connected at all times.
  • Stay aware of the risks that are prevalent – If you don’t recognize an email or attachment then DON’T open it … if it seems suspicious – it probably is!
    Check who emails are coming from – Whilst scammers can be very creative with designing their emails to look legitimate, their email address is harder to disguise.
  • Don’t click on anything unless you are sure it is legit.
    Banks, Government Agencies & Reliable Businesses do not usually send out emails that have clickable links – and if they do, hovering over the link should display the destination address in your browser bottom bar. If it doesn’t match the organization that it claims to be from then it probably isn’t!
  • If you get infected DON’T PAY!
    Contact your IT department or a local IT expert – chances are that they will have recovery & protection methods that will be far cheaper than what your cybercriminal is demanding!