What You Need to Know About Ransomware

Industry News & Information

Everyone knows how important it is to protect a business network from threats like viruses, spyware, and malware. To that end you probably have a strong firewall, antivirus/anti-spyware software, password protection, and perhaps even encryption programs and monitoring services in place.

This is all good news for your business and your customers. When you make security a top priority, you can avoid data breaches, comply with federal and state privacy laws, and keep your customers safe and satisfied.

Unfortunately, hackers and other cyber criminals are always looking for new ways to bypass protective measures and get at sensitive data. In some cases, they’re interested in stealing identities. Others are just cyber terrorists looking to wreak havoc.

The latest form of malware to gain popularity is called ransomware. If you haven’t yet heard of this threat, much less encountered it, you’ll definitely want to find ways to steer clear. Here are a few things every business needs to know about ransomware.

What is Ransomware?

Ransomware is a specific type of malware intended to disrupt use of your computer with the goal of exacting a ransom payment to undo the damage. It works by restricting access to your computer, either by locking you out or encrypting files, so that even if you can open them, you can’t actually access the information they contain.

Victims are generally given a time frame, say 24 hours, in which to pay. Most often, payments have to be made in virtually untraceable currencies like Bitcoin or deposited onto prepaid cards via MoneyGram, just for example.

Ransom amounts tend to be relatively reasonable, fluctuating between less than $100 and just a few hundred at the top end.  Victims report that payment was met with reward – computers were unlocked and files were decrypted – while failure to pay resulted in loss. In other words, many businesses felt like it was simply easier to pay up.

How Does Ransomware Get In?

Like most malware, there are two main ways ransomware can infect your computer. You either let it in by clicking and downloading a file or it can infiltrate your network through subpar security.

When it comes to security breaches, you may or may not have been able to do more. If your employees are careless with passwords and hackers get in, you probably could have prevented the problem with stricter controls. On the other hand, sophisticated cyber criminals can hack even strong defenses, so you may not be entirely to blame.

As for clicking suspicious links and downloading files, you have no one to blame but yourself. User error is the most common way for ransomware to infiltrate your system. Be careful what you download!

How Can I Protect My Network?

If you find yourself victimized by ransomware, you have two choices: pay the piper or make use of appropriate antivirus fixes available. Depending on the type of ransomware, you have a couple of options.

Some ransomware is nothing more than scareware. It tells you something is wrong with your computer and asks for money to fix it, but in fact nothing is wrong. In some cases, this threat can easily be removed by switching your computer to safe mode operation and running an antivirus scan to locate and remove malware.

Of course, this may not be possible if the malware locks up your computer so that you can’t access any programs or functions, effectively barring you from safe mode and antivirus tools. This is a little more complicated to fix, but a system restore could do the trick. At this point you may want to seek professional help.

If you’re dealing with something serious, like the now infamous CryptoLocker, however, you’re in for a fight. This malware actually encrypts your files and it is practically impossible to undo the damage without paying the ransom.

This is not to say you should encourage this type of behavior by paying. You’ll never have to if you prepare for a ransomware attack and plan accordingly.

The simple solution is frequent and comprehensive system backups. You should do it daily, at least. This way if your data is compromised by ransomware, all you have to do is shut down and revert to a backup save point. For companies that have large amount of data, backups are especially important. SiteUptime client Tradebit.com stores many terabytes of data and uses several different companies to insure that their data is backed up and safe. They have been able to avoid data loss in the past as a result of this proactive approach to backups.

Having access to multiple copies of your data will result in minimal data loss and you can avoid paying the ransom. Naturally, you’ll want to figure out how the breach occurred and beef up security should you suffer a ransomware attack, but your best defense with this type of malware is a good offense.