Imagine sitting at your computer when this message appears:
“Oh no! My data is locked, and you can’t access it!”
“They want a ransom payment of $400!”
“Why didn’t my antivirus solution catch this?”
“Isn’t there anything I can do?”
No – you shouldn’t pay the ransom because in many instances the hackers won’t release your data anyway.
You’re now a victim of ransomware. Join the crowds of the many other victims around the world.
“What’s going on?”
Watch this true life story from one of our clients.
At DHS, we’ve recently observed an increase in ransomware attacks across the country. Ransomware is a type of malicious software, or malware, designed to block access to a computer system until a ransom is paid. Ransomware is typically spread through phishing emails or by unknowingly visiting an infected website.
Criminals may try to persuade you to inadvertently download ransomware, which would then infect your computer. For example, if you’re visiting a website, you may see a message like, “Your computer has been infected with a virus. Click here to resolve the issue.” In these cases, the computer has not yet been infected with ransomware, but clicking the link downloads the ransomware onto your computer.
Sophisticated cyber security threats have grown to an explosive rate over the last few years.
Simple antivirus solutions you purchase online no longer work. Cyber-attacks have evolved and can get past the software solutions you’ve been relying on for years.
No matter how small your business, cybercriminals are after your data.
In fact, your small business is a prime target.
Because the larger corporations have more protection than you do. The criminals know this. They go after the “low-hanging fruit” –businesses like yours. So, don’t think they won’t find you. They will.
According to the National Institute of Standards and Technology, last year, the WannaCry ransomware infected more than 200,000 systems worldwide, causing widespread data loss.
The Petya ransomware, which was recently discovered, uses a vulnerability in an update system as an initial attack vector and infected email attachments as a propagation vector. It attempts to encrypt both users’ files and the Master Boot Record.
“Why can’t the government stop this?”
Because technology is advancing faster than ever before. However, as our technology advances, people are questioning the security of these cutting-edge systems. While most of us think our that our confidential information is protected, the truth is disheartening.
The cloud has replaced hard drives, and its improvements continue to help us send, share and store documents. In fact, most companies today use cloud-based email systems to communicate with others. However, hackers have invented ways to get into email systems and encrypt documents, so we can’t access them.
These scary new ransomware strains were created by good hackers, and unfortunately, adopted by bad hackers. Hackers want to steal your money, and they know that the best way to get it is to take away or “temporarily block” your data or email system until you pay to unblock it.
Hundreds of successful criminal hackers use this business model to corrupt and steal cloud-based emails and data. We’re all at risk – this form of ransomware has worked its way into our inboxes.
Let’s get back to what ransomware is and how it works.
Ransomware is a type of malware. Its sole purpose is to block you from your data until you pay for it. Ransomware is effective because it’s difficult to unencrypt data without paying the ransom. The only other option is to restore it from a recent backup. This usually isn’t an option for most businesses because of how often backups fail.
Hackers locate a target, (typically multiple ones) and bypass verification of both Google and Microsoft 365 email applications. They then tempt users with “anti-spam” service emails. It works with any cloud-based email service that uses OAuth to grant application access to information without requiring passwords.
Employees are likely to click and accept these phishing emails because they trust their email systems to filter out spam and malware. But today’s off-the-shelf anti-malware solutions aren’t enough.
So now that your employee has accepted this phishing message, and all of their emails are encrypted, what do you do?
The hackers will offer to “decrypt” your emails at a price around $300-$400. If everyone your business accepts the message, you’re looking at a major financial loss.
The best thing to do is to be prepared. Take the initiative and equip your employees with the knowledge and readiness to recognize and avoid phishing messages. Do this before it’s too late.
“How can I avoid a hack?”
You must remain “one step ahead” of the cybercriminals. Preparing and training your team is one way to do this.
Like we mentioned before, this ransomware strain is in its early stages. But with criminal hackers successfully scoring major money from attacking big businesses, as well as small ones, other hackers and cyber gangs are quickly taking notice. The effectiveness of ransomware is only encouraging more hackers to create and use this and other strains.
Ransomware isn’t going anywhere anytime soon. It’s only growing stronger. The best thing you can do is to be prepared and not fall victim to these attacks.
The adage “an ounce of prevention is worth a pound of cure” certainly holds true – keeping systems patched and up-to-date is often a cost-effective and successful means of preventing the loss of data integrity.
Unfortunately, even taking all possible preventative measures will not always stop the loss of data integrity, in which case the ability to quickly detect and respond to events is paramount.
Whether it’s WannaCry or Petya, it doesn’t matter. You need ongoing scanning, detection, and protection.
To defend against ransomware and other cyber-attacks, your business needs a professional, comprehensive, managed approach to protect your technology.
The right IT expert can proactively monitor your network for cybersecurity risks to resolve issues before they impact your operations. They will implement innovative, up-to-date security and monitoring measures to protect your business against today’s increasing cyber threats.Published on 21st March 2018 by Shawn Maggio