The dreaded ransomware has become big business for hackers these days. It has wreaked havoc on so many companies worldwide, costing upwards of tens of thousands of dollars for recovery in many cases. Hackers are becoming more sophisticated in how to go after your most prized possessions, your data. Victims that fall prey to ransomware are often ill-informed on how to prevent an attack from happening.
Do you know if your office is protected from ransomware?
If you have that deer in the headlight look on your face right now, as you ponder that question, then my guess for you is a no. If so, do not worry. I’ll do my best to inform you of this mayhem of malware. So read on to learn more…
Let’s Define Ransomware
Ransomware is malware that encrypts your files and folders, preventing you from getting access to them. The hacker(s) in turn demands payment (the Ransome) so they can provide you with a key to unlock those files. The most common currency that they ask for payment is Bitcoin. They use Bitcoin because it’s a cryptocurrency that’s very difficult to trace back to a wallet owner. Once a company has been impacted by ransomware, it’s a pretty devastating job, trying to unencrypt those files. You’ll need to prepare to spend a lot of time and money trying to recover your digital assets.
Your best line of defense in cases such as this is having a good backup in place. But more on that later.
How Do You Get Ransomware?
Ransome attacks are usually initiated by the end-user. What I mean is ransomware doesn’t just attack your computer or network without input from you. One of the most common ways to trigger a ransomware attack is through email or spam. This is when a user receives an email from a hacker that “appears” to be a legitimate email, and clicks on either a link in that email or opens an attachment. From there the ransomware code is initiated, and the mayhem begins. It first attacks the files on the subject computer, then spreads to all other computers that are physically connected to that computer, on that network.
Ransomware attacks like a shotgun. Once the ammunition is released, it hits the target and spreads to everything else in range. But it does the damage once and that’s it. However, the damages are pretty bad, just like that of a shotgun.
What To Do if You’re a Victim?
One of the last things that you want to do is negotiate with hackers or try paying the Ransome. In fact, the FBI advocates against it, as it only encourages the hacker’s behavior. There is some free software out there that’ll help with decrypting affected files, depending on the severity. Be prepared to invest a considerable amount of time researching and digging around the internet trying to find free software that works. Of course, the other option is to pay a professional to recover those files. Having a third party assist in the recovery process is not cheap either.
So prepare yourself to invest a large sum in both time and money. Both of which are pretty expensive to the average professional or CEO.
How to Protect Yourself Against Ransomware?
The key here is to be proactive. You know the old saying, “Prevention is better than cure”, well that saying rings very true in this instance. One of the first things to do is invest in security software that protects against Ransomware. There are a few of them that have surfaced in the marketplace recently. To save both you and me some time, I won’t list all of them here. That’s for another article post. But I will mention two that I’m familiar with.
The premium version of Malwarebytes caters to ransomware and other malware it was designed to destroy. The free version will only provide you with the basic features of scanning and removing malware. The paid/premium versions will provide you with more options for protecting against ransomware. There are different versions of the premium that you can choose from that’ll suit your company structure. So check their site to see what options will be available for your organization.
Another application that’s pretty good, and provides a lot more in-depth features and real-time scanning and prevention against ransomware is SentinelOne. Not only do they have prevention features, but they also have rollback features in the event the ransomware was able to get past their security. It’s like a one-two-punch combo in the line of defense against ransomware. They’re pretty new to the marketplace (first launched in 2013), and they’re constantly adding new features to help protect you and me from the “bad guys” of the cyber world. This is the security software we currently use to support our clients, and it’s been a great partnership.
Let’s Talk Backup
Backing up your data is also part of protecting yourself against ransomware. However, I wanted to talk about this separately because it’s so important. Data backup is something you should be doing anyway because anything can happen at any time and you can lose your data.
The fact is, ransomware attacks your data. You want to make sure you have a good backup in place offsite that is backing up every night. By offsite, I’m referring to the cloud. There are tons of vendors that offer cloud backup at economical rates, so there’s no reason not to have an “active” backup in place.
The dreaded “what if” question won’t give you a migraine to think about when you have a good dedicated backup in place. This step alone saves you so much time and money, it should really be considered the first step to take.
As a final note, I’d like to leave you with this, remember that ransomware is triggered by you, the end-user 99% of the time. With that said, if you’re not sure whether or not an email is legitimate, do not open it. If you do open it and you’re still not sure. And it has a link or an attachment for you to click on, I’ll advise you on two options. You can discard the email entirely. The other option, send it to your IT guy/gal if you want more information.
Remember, if you don’t trigger the agents of ransomware, then you won’t become a victim.