Imagine having the ability to print money.
That’s the kind of superpower the ransomware operator is trying to grab.
Ransomware is a ruthless form of malware. A computer virus that first grips hold of your files using sophisticated encryption techniques. Then, demands you pay a release-fee — anywhere from a few hundred, to hundreds-of-thousands, of dollars.
And what if you don’t deliver the funds…? The cybercriminal who has taken your data hostage will delete it.
Gone forever, lost into the ether.
For the business owner, ransomware can mean an entire operation sunk within seconds. That is…. unless you know what to do (and what NOT to do) when faced with the ransom request.
But before we dip into the detail, let’s first explore what ransomware can do.
WannaCry: The Ransomware That Infected Window’s Computers in 150 Countries
In 2017, ransomware known as WannaCry spread across the world. In just a few hours, it took hold of computers in 150 countries in what experts dubbed a first-of-its-kind ‘coordinated cyberattack.’
The malware encrypted files on infected machines, then demanded people and organizations pay $300 worth of Bitcoin to unlock their device.
If you didn’t pay-up, disaster struck:
- In the United Kingdom, the National Health Service saw 19,000 appointments canceled by the virus — at the cost of £92 million;
- In Germany, the entire national railway system went offline.
And while security researchers watched as the virus spread like wildfire, few were able to curb its progress. Why? Because this type of malware isn’t only capable of moving quickly, it can evolve just as fast.
It can avoid attempts to shut it down, leaving a wake of destruction in its trail.
In the case of WannaCry, a worm took advantage of a vulnerability in an outdated Microsoft OS — and even though Microsoft released patches, clients were slow to upgrade: a delay that cost them millions.
The only reason the attack eventually ground to a halt was a vacationing cybersecurity expert stumbled upon a kill-switch embedded in its code, which leads us onto a vital question.
….how can you protect yourself from a ransomware attack in the first place?
How To Avoid Ransomware Before It Takes Hold
When it comes to malware, the best thing you can do is try to avoid it in the first place (and that’s not as hard as it might sound). In fact, there are a few simple steps to averting a cyber-hostage situation.
- Keep anti-virus software up-to-date: Ransomware is an ever-evolving beast, so the only way to avoid new variants is to run the latest security software
- Auto-upgrade your OS: Suppliers work tirelessly to safeguard your network from attack, and they release frequent patches that protect against the latest threats — meaning regular upgrades to your operating system will ensure you plug vulnerabilities
- Beware of spoof emails: Unexpected emails from questionable sources are a leading source of malware infection, with links and attachments often containing the threat
- Back up your data: Ransomware works by encrypting important data and demanding a sum for its release. If you have a trustworthy back-up of your most important files, you can restore what you’ve lost and render the attacker’s method, obsolete (side note: always use secure online methods to ensure cybercriminals can’t access your back-up; better still, use offline storage as well — like a USB)
- Consider cloud storage: Cloud storage solutions like Google Drive, Dropbox, and OneDrive keep previous versions of files, which let you roll-back your data to an unencrypted version and stop the attacker in their tracks
While in the ideal world, everyone would manage to avoid ransomware, it’s one of the fastest-growing forms of cybercrime: Ransomware attacks rake in more than $1 million every week. And numbers like that result in ever-more sophisticated malware popping up every second.
Malware that makes ransomware challenging to avoid. So…. what can you do if you fall victim?
You can avoid disaster if you follow five basic rules.
5 Dos And Don’ts of Ransomware
- Never pay the ransom: It sounds counter-intuitive, “And how will I get my files back if I don’t pay?!?” we hear you ask. Well, let’s look at the situation another way round. If you do pay, what incentive does the cybercriminal have to release your files? They will consider you a fish to reel in and could demand that you pay again-and-again (or come back to target you later, even if they unencrypt your data this time).
- Don’t click any links or attachments: Ransomware isn’t always what it seems…. an email claiming to have encrypted your files (and asking you to click a link to release them) is likelier an attempt to dupe you into downloading an actual virus. The same goes for a suspicious-looking message asking you to “click the link to confirm ‘X’” — stay safe, don’t click.
- Update everything, immediately: If you suspect an attempted hack, protect your system by updating your OS, your anti-virus software, your passwords, your everything. You need to plug vulnerabilities before any other actions, while dithering only strengthens the attacker’s position.
- Restore a back-up version: If you have a back-up version of your data, now’s the time to use it. Once you’ve plugged the vulnerabilities, you can restore your business to working order with an uncompromised data-set and, as if by magic, the ransomer wields no superpower — or if you have no back-up…
- Contact an IT security consultant: As happened with WannaCry, an IT security consultant may just be able to find a kill-switch in the ransomware’s codebase. They’ll be up-to-speed with the latest security threats and they are your best hope of a speedy resolution.
Cybercriminals prey on vulnerability.
If you show any weakness at all — either in technology, security, or a willingness to pay — you’ll put your business at risk.
On the other hand, if you follow a few simple steps: you’ll stop the swindler in their tracks.
Keep your IT systems secure with a trusted, affordable IT consultant — get in touch today on 207-236-0021.