If you have heard of ransomware but are not exactly sure what it is, here is a quick explanation: essentially, ransomware attacks start when cyber criminals hide links in what seem to be normal everyday emails or website pages. When these links are clicked on, a malicious virus is unleashed that encrypts your files so you cannot access them. The only way to decrypt these files is with a “key” that is sent to you by the cyber-criminal once you have paid the ransom.
If your personal files are encrypted, you may be asked to pay $300-$500. (There are no rules; it’s the criminal’s choice.) A small business may be asked for several thousand dollars up to tens of thousands. Large businesses and government have sometimes been asked for millions. Ransoms are usually paid in bitcoins, which are completely untraceable. When the ransom has been paid, the key is sent, and the owner of the encrypted files can unlock them. Most of the time.
There have also been cases where the key has not worked. Why? We don’t really know, but we do know that the criminal vanishes, leaving the business owner’s records forever locked and totally useless. Hopefully, there were back-ups that can replace the locked files, but often, the backups get encrypted as well. In fact, in 2016, only 42% of companies that were attacked were able to fully restore their files and avoid paying ransom.
When we say that ransomware has hit the big time, consider this: in the latest report published by the SonicWall security team, ransomware attacks have grown:
2014: 3,200,000 attacks
2015: 3,800,000 attacks
2016: 638,000,000 attacks
No, that’s not a typo. Yes, attacks increased 167 times or approximately 20,000% in one year!
The obvious question is “Why?” The answer is that committing ransomware crime has become very easy. While it used to take advanced programming skills and sophisticated hacking to commit cyber-crime, today the kid down the street can easily, quickly and cheaply search for ransomware software online and for a few hundred dollars buy the software tools he needs to attack businesses all over the world. No experience required.
Another reason: Studies have also shown that 91% of these attacks start with employees who are tricked into opening email that they should have left alone. Advanced ransomware programs now are also able to rapidly spread the infection from computer to computer within an organization, quickly spreading to servers.
What can you do? We have found that in most cases, cyber-attacks get through because the proper precautions have not been taken. We have seen computers upon which tens of thousands of attacks have been attempted, with not a single one getting through. Here are some suggestions:
1: Ongoing employee instruction in cyber security, particularly concerning email.
2: Advanced business-grade security against all forms of malware
3: Crypto-containment software (isolates and shuts down encrypted files, preventing spread of virus.)
4: 24 x 7 x 365 network monitoring
5: Off-site (cloud) back-up
Call if you have any questions.
DynaSis has been serving the small to mid-sized business community for 25 years and is a national leader in development and deployment of crypto prevention and crypto-containment solutions. 678-373-0716. www.DynaSis.com/managed-security.