As technology becomes increasingly integrated into the business sphere, companies are looking to bolster their security and defend their network from a potential breach. According to the FBI, cybercriminals stole $209 million in the first three months of 2016, and ransomware is predicted to become a $1 billion annual crime by the end of this year. Hackers now employ a combination of advanced technology and social engineering techniques that make it more difficult for users to identify a threat before it affects their organization. A report from the IBM and the Ponemon Institute revealed that the average cost of a data breach has increased 29 percent since 2013, bringing the average cost of a breach to almost $4 million per incident.
It’s important a business and its employees understand not only how to identify a potential scam, but the financial and legal ramifications that can result from a successful ransomware attack.
What is ransomware?
The first step is understanding what malware and ransomware are and what kinds of threats they pose. Malware generally involves sending targeted users emails or social media messages that prompt the individual to click on a link or file that appears to be legitimate. If the user falls victim to the scammer’s attempt, their computer may be infected with a malicious software that allows cybercriminals to access sensitive files or view the user’s activity on their device.
Ransomware is a form of malware that demands the affected user pay a ransom to unlock their computer or files. Ransomware does not only steal or delete business-critical information, but locks a user’s systems, files, and applications until the requested sum is paid. A ransomware virus can infect PCs, Macs, and mobile devices. Ransomware presents itself in three forms, scareware, lock-screen ransomware, and encryption ransomware.
- Appears to be a security software or tech support system that prompts users to purchase and/or download malicious materials onto their device.
- The user’s money will be stolen and their device possibly rendered useless.
- Before attempting to close the window, the user should call their managed IT services provider to report the issue, or use the device’s Task Manager (control+alt+delete) to shut down the machine.
- If still unable to close the window, the user should go to the device’s task manager, view the programs running at that time, and delete the foreign program.
- After closing to window, the user should run a security scan of the device to identify any spyware or other security threats that may remain hidden in the system.
- A full-screen message is displayed on the user’s device that prevents them from accessing their machine or files until the ransom is paid.
- The message displayed will generally include an official-looking FBI or U.S. Department of Justice seal, claim illegal activity has been detected on the user’s device, and demand a fine be paid to restore access.
- Generally, lock-screen ransomware does not encrypt the user’s files, which reduces the chances of a large-scale network compromise.
- Encrypts the user’s files and demands a ransom be paid to decrypt the data.
- Causes more panic because the user is able to see their files, but will be unable to access them until the ransom is paid.
- Even if the sum is paid, there is still a chance the device will be compromised.
How do you protect your business from ransomware attacks?
Two-thirds of finance executives at technology companies have increased their cyber-security spending in 2015 alone, demonstrating an increased focus on protecting business networks from hackers. Without the proper security measures in place, a business may increase its chances of a cyber-attack. However, there’s no guarantee a company will be invulnerable to a cyberattack and every organization should have a back-up solution in place that will allow the company to restore encrypted or compromised data without paying the ransom. A network compromise can have consequences beyond paying a ransom. Such negative effects include:
- Business downtime
- Loss of client trust
- Lost contract revenue
- Negative impact on company reputation
- Intellectual property loss
At the 2015 Cybersecurity Summit, the FBI advised that businesses infected by ransomware should pay the requested ransom. A majority of ransoms range between $500 and $10,000, making it plausible for an organization to afford to pay the amount. Hackers understand that companies are more likely to pay a lesser amount to restore their files as quickly as possible.
However, IT professionals warn against the FBI’s advice and claim that the more ransoms that are paid, the more incentive cybercriminals will have to continue their hacking attempts. Instead of paying the requested amount, experts advise that businesses have a back-up solution in place from which they can restore their data. In addition, an organization should implement the necessary security, education, and proactive protocols necessary to minimize its vulnerability to a ransomware attack. A business should take the following steps to safeguard its network and reputation.
- Regularly educate employees
- Layer anti-malware, antivirus, and anti-ransomware programs
- Make sure all software is updated to the latest version
- Install pop-up blockers
- Beware of links or emails sent from an unknown source
- Implement an automatic, remote back-up solution not connected to the rest of the network
- Run a virus check if you think your network security has been compromised
The best defense against malware and ransomware is education. It is important for business of any size and in any industry to be aware of what threats are out there. And as business owners educate their employees on the harmful effects of cybersecurity, the best practices are developed to avoid falling victim to their threats. Keeping businesses’ data, their clients’ data and the continuity of the company secure.