Ransomware is a kind of software commonly developed and used by hackers to restrain access to a computer system and/or database until a certain demand is met; mostly hackers want the payment of a sum of money. The hackers threaten the organization whose computer system they have blocked, that if they do not pay the sum of money demanded, the company’s database will be leaked online or destroyed completely.
This has become a quick way for hackers to earn money. In the past, when hackers had to waste a lot of time and resources snooping around a target site, this type of activity didn’t really pay off. This method was risky for many reasons and wasn’t much of a threat.
Today, things are much different. Hackers can easily gain access to a company’s database and then hold the information hostage until a ransom is paid. The advent of cryptocurrency makes the whole transaction seamless and untraceable. This is one of the reasons why ransomware is so big nowadays.
How Big A Threat Is Ransomware?
According to the FBI, businesses paid out $24 million in ransomware payments in 2015. By 2016, that number had reached one billion dollars. The average ransom is now approximately $1,000 but some healthcare organizations have reported paying $17,000 to regain access to their files. As long as companies continue to reward hackers by paying the ransom, this crime will continue to escalate.
Who Are The Likely Victims Of Ransomware Attack?
Most ransomware attacks start as a fishing expedition, which means that the hackers make out a list of organizations and their employees and then try to access their confidential information. Targeted organizations are those that contain sensitive personal information, such as healthcare and financial organizations. Many times, businesses think that the best course of action is to pay the ransom, rather than hire security and IT specialists to come in and restore access. Sometimes, organizations are embarrassed to admit that they’ve been a victim of this crime. They want to make it go away as quickly and painlessly as possible.
What Defense Strategies Can An Organization Put In Place Against Ransomware?
The very first step is to understand how a ransomware attack happens. Hackers send out phishing or spear phishing emails to employees of the organization in an attempt to get someone to click on a bad link. Once this happens, the ransomware virus is downloaded to the company’s network and all files are frozen. At this point, you have two choices: pay the ransom or call in security experts to unlock the files.
The first step for most companies is to lay out a security strategy to deal with viruses, worms, ransomware, and other forms of attack. Every organization should have a plan to address data breaches. The experts say that it’s not a matter of whether you get attacked; it’s just a matter of when. So the best course of action is to be ready. Below are few basic steps you can take:
Train your employees what to watch out for in suspicious emails. Training must take place on a regular basis because people forget or get careless.
Hire a security company to test your current system to see where your weaknesses are. Most IT security pros will assess your security, then give you a list of things that should be done right away to shore up your defenses. They can also help you make a long-term plan of action.
Regular system backups should be performed. If you have all your data backed up at an off-site cloud data storage site, then it can be easy and painless to completely restore all your data.
Perform regular patches and updates. This keeps your network protected. New cyber threats come out almost daily so this is an important step to keeping your database secure.
Employees are the key problem when it comes to ransomware attacks and other viruses. They should be fully aware of the types of email scams that are currently going around. Employees should know what to look for and how to avoid clicking a bad link.
It’s not easy to be in a position where you have to negotiate with a ransomware attacker but every decision depends on the circumstances at hand. Whether you work with a managed IT provider or have in-house IT techs, it’s important for them to be fully engaged in keeping your data safe. However, if an attack does occur, you can greatly reduce your losses by being ready and knowing what to do.
Hackers stay up-to-date on the latest IT technology, so you must do this as well. Social media has opened the doors for hackers because it’s so prevalent these days and many users get careless. Start by finding a great team of security experts to help you get up-to-speed. Get all stakeholders in your organization involved in data security. Don’t get lax. Make sure employees are aware of the dangers online.
Brian Gray, MCP, is the President at Kraft Technology Group, LLC (KTG), an affiliate of KraftCPAs PLLC. Within his role, Brian is responsible for all aspects of service delivery to our clients. Brian has a decade of experience working for managed service providers. He has worked with clients in a variety of industries, including financial services, accounting, legal, healthcare, manufacturing, and retail.