More and more, ransomware has emerged as a major threat to individuals and businesses alike. It’s distributed in a variety of ways and is difficult to protect against because, just like the flu virus, it is constantly evolving.
Unless you’ve been living under a rock, you are probably well aware that ransomware is a hot topic in the news these days. Organizations of all types and sizes have been impacted, but small businesses can be particularly vulnerable to attacks. And ransomware is on the rise. In the McAfee Labs June 2018 Threat Report, the number of new ransomware strains saw an increase of 62% in the previous four quarters. This increase brings McAfee’s total number of identified strains to roughly 16 million.
There are ways to protect your business against ransomware attacks. Hiding your head in the sand won’t work, because today’s ransom seekers play dirty. Make sure your organization is prepared.
(Read how RESULTS’ new cybersecurity tool saved a small Texas bank from ransomware.)
There are a few dominant types, or families, of ransomware in existence. Each type has its own variants. To decrypt files, cyber extortionists typically request payment in the form of Bitcoins or online payment voucher services, such as Ukash or Paysafecard. In recent months, we’ve seen repeated attacks on specific verticals, most notably in the local government sector.
How ransomware is spread
Spam is the most common method for distributing ransomware. It is generally spread using some form of social engineering; victims are tricked into downloading an e-mail attachment or clicking a link. Fake email messages might appear to be a note from a friend or colleague asking a user to check out an attached file, for example. Once the user takes action, the malware installs itself on the system and begins encrypting files. It can happen in the blink of an eye with a single click.(Hackers are attacking MSPs. Here’s what RESULTS is doing about it.)
Another common method for spreading ransomware is a software package known as an exploit kit. These packages are designed to identify vulnerabilities and exploit them to install ransomware. In this type of attack, hackers install code on a legitimate website that redirects computer users to a malicious site. Unlike the spam method, sometimes this approach requires no additional actions from the victim. This is referred to as a “drive-by download” attack.
Protect against ransomware
Cyber criminals armed with ransomware are a formidable adversary. While small to-mid-sized businesses aren’t specifically targeted in ransomware campaigns, they may be more likely to suffer an attack. Thankfully, there are tried and true ways to protect your business against ransomware attacks. Security software is essential, however, you can’t rely on it alone. A proper ransomware protection strategy requires a three-pronged approach, comprising of education, security and backup.
Education: First and foremost, education is essential to protect your business against ransomware. It is critical that your staff understands what ransomware is and the threats that it poses. Conduct bi-annual formal training to inform staff about the risk of ransomware and other cyber threats. When new employees join the team, make sure you send them an email to bring them up to date about cyber best practices. It is important to ensure that the message is communicated clearly to everyone in the organization, not passed around on a word of mouth basis. Lastly, keep staff updated as new ransomware enters the market or changes over time.
Security: Antivirus software should be considered essential for any business to protect against ransomware and other risks. Ensure your security software is up to date, as well, in order to protect against newly identified threats. Keep all business applications patched and updated in order to minimize vulnerabilities.
Backup: Modern total data protection solutions, take snapshot based, incremental backups as frequently as every five minutes to create a series of recovery points. If your business suffers a ransomware attack, this technology allows you to roll-back your data to a point-in-time before the corruption occurred. Watch this video to learn about backup options.
It seems there is a news story about a ransomware incident nearly every day. Protect yourself and by taking these steps today. And as always, contact us if you need help.