A Brief Guide to Ransomware
...and how to prevent it
Everything today is digital. All your business’s data, like bank account numbers, employees’ personal information, and customer payment information is likely all stored either on-site at your business or off in the cloud. After all, nobody uses filing cabinets anymore.
Because we live in an increasingly digital world, the number of cyberattacks are growing every year, and ransomware is quickly becoming cybercriminals’ favorite attack strategy. According to information from the U.S. Department of Justice, there are over 4,000 daily ransomware attacks—that’s almost 1.5 million every year. And we’re not just talking about big businesses here - even smaller companies and school districts have been targeted.
What Is Ransomware?
Ransomware is a form of malware that encrypts all of your data when it gets into your system. The attacker will then demand payment to decrypt, or unlock, your system. It’s essentially like taking your systems hostage, hence the “ransom” part of ransomware.
A successful ransomware attack can cost your business thousands, if not millions, in downtime and payments—even if you do have a data backup. In 2019, ransomware attacks cost businesses $7.5 billion in damages.
How Does It Work?
Ransomware is a type of software that’s designed to target certain types of files (.docx, .xlsx, etc.) or all files on a drive or network. When it gets into a system, it hunts down every instance of the specific file type(s) it’s programmed to find and encrypts them. Once encrypted, only the person with the encryption key can access the files. That person is, of course, the attacker.
In almost all cases, ransomware enters a system by someone clicking a bad link. These links are usually sent to employees via spoofed emails, aka “phishing attacks” typically through email or social media. When someone clicks the link, the ransomware has free reign to any files on the computer, including networked servers. If it infects an admin computer with full access to an entire business infrastructure, it can easily shut down the entire organization.
Once the data is encrypted, the attacker will request payment in exchange for the encryption key, usually in the form of cryptocurrency such as bitcoin. The demands vary depending on the type and size of the business, but ransoms can range anywhere from a couple thousand to tens of millions of dollars.
The average cost of a ransomware attack is $2,500 per user. If your business has 800 users on its network, you’re looking at a possible $2 million ransom.
The Main Targets of a Ransomware Attack
Unfortunately, no business is safe from a ransomware attack. Ransomware is cheap, and cybercriminals are using it to target anyone and everyone, hoping for a quick and easy payout.
Although nobody is safe, there are a few industries that are more at risk for a ransomware attack:
● Finance and banking
● IT service providers
● Accounting firms
● Law firms
● Food, grocery, and retail
Typically, the more lucrative the information, the more at-risk a business is. For sensitive information like social security numbers, personal details, etc., cybercriminals know that a company will likely pay more to get the information back, so that’s who they target.
Even more concerning, in many cases the ransomware is activated after the hackers have been in your system for a while and have already pulled out sensitive customer information or other data that they can profit from. In cases like this, the ransomware attack is the first warning a company has that hackers have attacked them - but it’s after a lot of damage has already been done.
Tips to Protect Yourself
The best way to protect your business from a ransomware attack is to stop it before it even happens. Here are some tips to protect yourself from a ransomware attack:
Implement Proper Detection Methods
The faster you can detect an intruder in your network, the faster you can react and mitigate potential damage. It’s important to install software or hardware that can constantly scan your network for malware and other threats and alert you the second it finds an issue. Many managed service providers also offer system scanning as a service.
Since most ransomware accesses systems through phishing schemes, it’s essential to train your employees how to identify and avoid online scams.
Even if you think your employees know enough about cybersecurity to not click malicious links, it’s always better to be safe than sorry. In anti-phishing tests, up to 50% of malicious links are clicked. Remember, it only takes one click to infect your entire system. Teach your employees about cybersecurity best practices, so they don’t let malware into your network.
Backup and Recovery Planning
Although the best way to prevent ransomware attacks is to stop them in the first place, that’s not always foolproof. Always have a backup plan just in case an attack is successful.
A backup and disaster recovery plan will ensure that you’ll be able to restore your data if ransomware encrypts your systems. Instead of paying the ransom, you can simply delete all your files and restore them from the backup - assuming you have a recent enough backup file.
But implementing a backup isn’t enough. Perform quarterly tests to ensure your backup actually works. There’s nothing worse than experiencing a ransomware attack and deleting your systems, only to find out that your backup solution doesn’t actually have your data.
Budget and Plan for Attacks
Many businesses don’t incorporate cybersecurity solutions into their annual budget. It’s one of those things you never hope to have to use, so why would you pay for it!?
But cybersecurity is always worth it. Even if you think working with a managed services provider or implementing in-house security solutions is out of your budget, they’re almost guaranteed to still be cheaper than a breach.
Don’t Fall Victim to Ransomware
With the number of ransomware attacks on the rise, it has never been more important to protect yourself. Train your employees, implement proper detection methods, and use an effective backup and disaster recovery solution, and hopefully, you’ll never have to experience disruption a ransomware attack can bring to your business.
Our expert consultant on this article was Bank of the Pacific client, Summit Security Group. They specialize in cyber security assessments, training, advisory, implementation, protection against online threats, assistance in identifying and fixing vulnerabilities in your systems, and more.
At Bank of the Pacific, we occasionally reach out to clients and outside companies for information on various subjects that would be of interest to our clientele. The information they provide is their opinion, not necessarily that of the bank. Sharing their opinion in these articles does not constitute an endorsement of the company.