Hackers with entry level cyber-attack knowledge can now purchase exploit kits from the dark market and target a business quickly.
Ransomware is malicious code that locks computer or network files. It can start with a laptop and spread to the entire network. It may spread to any attached device, including attached backup drives. Once the files are locked, the criminal demands payment before the criminal will provide a key to unlock the files.
The ransom may be a few hundred dollars or $10,000 or more. The criminal anticipates that the business would rather pay him than take the time to have the malicious code removed and the system completely rebuilt. If the business does not have adequate backup, it can be a serious recovery issue. Research states about 30% of the victims pay the ransom demand.
Ransomware is generally spread by malevolent code in an attachment or link in an email. The code encrypts your files so they are unreadable. Only with the encryption key the criminal has can the files be recovered. The criminal generally gives the victim a time limit for paying the ransom. 72 hours is a common time period.
Businesses can protect their systems from ransomware. Protection tips include:
• Back up your system frequently. You may want to backup key files hourly and less important files daily. You may need to keep interim files such as weekly or monthly backups.
• Save at least periodic backups to a location not attached to your system. This might be the cloud or a hard drive backup that is unattached after each periodic backup is saved. Talk with your IT specialist regarding what data is imperative to keep your business operational and discuss backup alternatives.
• Keep your anti-virus software updated.
• Continuously remind staff to not open emails or attachments they do not expect. The criminals are creative and often mimic reputable companies such as job boards or express delivery companies with ransomware hidden in the attachments or links. Employees can protect your system by deleting any unknown emails and opening the website directly or even calling the named sender to verify the email content.
• If you do get a ransomware notice, immediately disconnect the computer from your network. Contact your IT specialist or an outside computer repair company. Don’t try to fix the problem yourself.
If you like our blogs please follow us on Twitter!