When you think about technology threats to your business, chances are you think of stolen sensitive information or the destruction of your backup systems. But did you know many thieves like to hold your data hostage to get you to pay a hefty ransom for your business data?
It’s called ransomware and it’s a major threat to businesses of all sizes.
What Is Ransomware?
Malware is “malicious software” that harms your network somehow. Ransomware is a form of malware that holds your files and systems hostage until you pay up.
If you’re hit, it’ll happen without warning. You’ll arrive at work one day unable to open or delete any of your files. They will all be encrypted with a clear ransom demand on your screen. The longer you take to pay up, the higher the amount you’ll have to pay. That’s right. The ransom increases over time.
This nightmare scenario is becoming increasingly common among small and medium sized businesses because these companies tend to have the least amount of in-house IT support. It’s an epidemic that’s growing because most businesses end up paying to get their data back.
It’s easy to assume that most malware is created by a few teens working out of a basement aiming to cause headaches, but that’s not the case with ransomware. Instead, ransomware is created and managed by commercial entities.
That’s right. The job of attacking hard working business owners is now a full on business, working out of office buildings and raking in millions of dollars every year.
The number of companies using ransomware to make a sleazy profit are increasing because of the low overhead costs, and high profits.
The Ins and Outs of Ransomware
Ransomware can infiltrate your system in a number of ways which are all initiated through a hacker. One of the most common ways starts when a hacker sends an innocent email to someone in your company asking the person to download a file. Once that file is on one of your company computers, the malicious program spreads through the company network
encrypting vital files one at a time in rapid succession.
Once the encryption is complete, the files are useless. Not only do you have a large price tag to pay for the files but your business is losing money from downtime. Other ways ransomware hackers gain access to your system is by attracting you to a shadow website. This website can even sometimes be found on a google search, and looks just like the site you normally go to, except it is actually an imposter that steals the data you enter on the site.
Infected USB keys that you get as gifts, in the mail, or even just find lying around can also infect your system.
Some ransomware hackers even go as far as to call you pretending to be Microsoft or another reputable company in order to take remote control of your computer and infect it.
Ransomware is the biggest cybersecurity threat to businesses today, and it can come in many sneaky forms. You have every right to be worried about this happening to you. After all, it’s the biggest story in cybersecurity today.
Real World Examples
Although ransomware isn’t new (it started to pick up steam in 2013), it is quickly evolving into an epidemic of unprecedented size and scope. In 2015, ransomware netted over $325 million and has already made over $200 million in the first half of 2016.
Just this past weekend possibly the biggest ransomware hack ever occurred. The Wanna Cry ransomware attack has managed to infect over 200,000 individuals in around 150 countries. The world is still waiting to see what the total damage of the hack will be.
A few other examples of individual companies hit include:
- Hollywood Presbyterian Medical Center which paid $17,000 in February
- University of Calgary which paid $20,000 in June
- Kansas Heart Hospital which paid a “small” amount to unlock a portion of their files but then had to pay another ransom to unlock the rest.
In the beginning, ransomware affected personal computers. Now, hackers have discovered they can get more out of attacks on businesses and organizations. Small and medium sized businesses are being hit harder than ever now. Just take a look at these stories in the Wall Street Journal and New York Times with detailed cases of the threat playing out in real life.
What Can You Do?
Scared yet? You have good reason to worry about this prevalent threat but there are things you can do to protect your business.
Talk to Your Team
Ransomware enters your business through one of your team members. Educate your office about the importance of knowing who is sending a link or an attachment before opening it. Make sure everyone knows how to identify dangerous links and attachments.
Update Your Security Software
Ensure your firewall is up-to-date with the latest firmware upgrade, and make sure your anti-virus and anti-malware is patched and updated as well. This is your first layer of defence against an employee that mistakenly opens a bad link or an attachment.
New strains of ransomware are being created and released daily so having the most recent security software is a must.
Protect Your Data
The ultimate failsafe against ransomware is to protect your data. A data protection solution will automatically take snapshots of your data at regular intervals and then store that data on a secure location. If ransomware does make it through to your business, you can simply turn back the clock and restore your system with the latest version of your business before the attack.
Are You At Risk?
If you’re not sure whether your system is a strong enough defence or if you have the latest version of software, you’re probably at risk.
Don’t be the next target on the ransomware businesses’ hit list. Sign up for a Cyber Security and Vulnerability Audit from QCS Group to make sure you’re as protected as possible. For more information, click here.