ransomware

How to Keep Your Business Safe from Ransomware

/ nancyrubin / 1 Comment

The recent global ransomware attack known as WannaCry, left thousands of users locked out of the data on their computers. Luckily, thanks to a tech blogger who reverse-engineered samples of the malware, the threat was soon eradicated.

Unfortunately, recovering the data once you are hit with a ransomware attack is not possible. However, there are certain measures you can take to minimize or even completely eliminate the possibility of such an attack

Understanding ransomware, how it works and how to prevent it is an important step towards keeping your business and your data safe.

Know What You’re Dealing With

While many cyber-attacks focus on stealing your data, ransomware works a bit differently. Cybercriminals that use ransomware, a type of malware, are after your money and attempt to blackmail a payment out of you by threatening your data. Hackers either don’t allow you to access your data or claim that your data is at risk and then offer to fix the issue if you pay.

Cryptovirus, cryptoworm or cryptotrojan, as ransomware is also called, can hit anyone from home users to businesses and public institutions. Each target presents different opportunities for cyber criminals.

Home users and public institution employees often don’t have advanced cyber security knowledge. Public institutions may also have valuable information that they cannot afford to lose.Hitting a business could mean big money, and businesses sometimes would rather just pay up than deal with the inconvenience of reporting the attack.

Types of Ransomware

Scareware, also called fraudware and rogue scanner software, is intended to scare you with a pop-up message about malware in the system. There’s no real threat, but the scareware gives the illusion that there is and says that you need to pay a certain amount to remove the malware. Knowing the difference between legitimate and illegitimate sites and programs is instrumental in recognizing scareware.

Locker ransomware is similar to scareware in that it attempts to scare you into paying, except in this case, the pop-up message claims that it has detected illegal activity on your computer. It often has the seal of either the FBI or the U.S. Department of Justice and says that you need to pay to avoid legal trouble. You can safely close and ignore such messages, as no government organization would operate like this.

The worst-case scenario is encrypting ransomware, where the malware actually encrypts your files and cybercriminals demand payment to give you your information back. The problem is that there’s no guarantee they’ll follow through on their end of the bargain if you pay them, and it opens the door for future attacks. For those reasons, cyber security professionals advise against paying.

How to Protect Your Device

  1. Invest in Cyber Security.

The first thing you should do to protect your data is to find a high-quality antivirus program. Ask a cyber-security professional for a recommendation and use the advice to help make your decision.

For complete protection, look for a comprehensive security suite that can handle all kinds of threats, or combine your antivirus program with separate antimalware and antiransomware programs. Antivirus programs typically have free trial periods available, so try out a few to see which one suits you best. Once you’ve found it, it’s a good idea to purchase the full version for superior protection, especially if you often have sensitive data on your device.

  1. Backup, Backup, Backup.

The prices for external hard drives and personal cloud storage seemingly get lower every day. If your business needs to store a lot of data consider cloud backups, there are plenty of excellent cloud storage services on the market. Regardless of which option you prefer, not backing up your data is a crucial mistake.

It can be tedious to backup data, especially if you work with a large amount of it every day. Just remember that taking the time to make a backup is far better than being left with nothing because of a cyber-attack.

If you go with a cloud service, check the encryption and authentication features to ensure that your data will be secure. Remember to physically remove external hard drivers after making the backup so they can’t get infected.

  1. Education Is Power.

The best way to be ready for potential threats is to know what’s out there, and this is much easier thanks to all the useful information available in a couple clicks. Stay up to date by reading tech blogs and by getting in touch with your IT team or cyber security professionals.

Ransomware has been around since the early 2000s, and it doesn’t choose its victims, so even Mac users are no longer safe. Read about what other users did when hit with ransomware in case you find yourself in the same situation, and share your knowledge with the people you know.

  1. Skepticism Pays Off

You can never be too careful about what you see online. Look closely at all your emails, and if you get one from a stranger with an attachment, just delete it. Watch out for shortened links, as you can’t be sure where they will lead. Use online services that can show you the full URL before you click on it.

There are a few suspicious signs to look for with emails you receive, even those that appear to be from a company. These include generic messages that don’t mention your name, a format that looks different from the company’s usual emails and any requests for personal information, which you should never provide over email.

  1. Don’t Pay the Ransom.

How much do cybercriminals try to get with ransomware? It could be anywhere from hundreds to tens of thousands of dollars.

A ransom demand is a crime, and if you give in, all you’re doing is encouraging it. Cybercriminals will use ransomware as long as people pay them. And once they get their money, they have no incentive to help you decrypt your files.

A Kaspersky survey supports the strategy of not paying ransom. It found that of the ransomware victims who paid the ransom, one in five didn’t recover their files.

Final Thoughts

A ransomware attack that results in your sensitive data being encrypted could be devastating for your business. However, being proactive instead of reactive is crucial. Following the information outlined in this article can help you secure your data. Just remember to back up everything so even if you’re hit with an attack, you can get your data back yourself.

About the Author

Lisa Michaels is a freelance writer, editor and a striving content marketing consultant from Portland. Being self-employed, she does her best to stay on top of the current trends in the business world. Feel free to connect with her on Twitter @LisaBMichaels.

 

What Impact Could Ransomware Have on You?

/ nancyrubin

iStock_000008869356XSmallWith stories of massive security breaches and identity theft sweeping the news, it’s more important than ever for your business to protect its data.

This is especially the case when it comes to your network computers being taken over by ransomware.

Here are just a few examples of how ransomware can impact your business:

Ransomware in a Nutshell

In its most basic form, ransomware can limit your access to certain information within your business network. Ransomware is a form of malware, which means you likely won’t know you’re a victim of the intrusion until it’s too late.

Ransomware gets its name due to the fact that most attacks result in the intruder demanding money in return for access to your files and documents. The most sophisticated types of ransomware can encrypt your business’s entire computer system and bring your online operations to a standstill.

Unfortunately, according to leading online security authorities such as Symantec and McAfee, ransomware attacks will continue to rise in the coming years.

That’s why it’s important for your business to stay informed on the topic of ransomware.

Types of Ransomware

The most widely used form of ransomware features false messages that require payment if action isn’t taken.

With this type of ransomware, victims aren’t actually aware their systems are compromised because the ransomware comes in the form of a message from authoritative sources, such as payment for the reactivation of software.

The article “Ransomware: What it is, How it Works, and What to Do if You Are Victimized” mentions the fact that ransomware messages can also impersonate government agencies that seize your system.

Another form of ransomware to be aware of is encrypted file ransomware, such as CryptoLocker malware.

With this type of ransomware, victims are fully aware their systems are compromised and they must make a payment in order to gain access to their files and documents. This type of ransomware also comes with the threat of file destruction if payments aren’t made in a certain amount of time.

What to Do in the Event of Ransomware

There are a number of steps your business can take if you become a victim of ransomware.

For starters, many experts recommend disconnecting from the Internet the moment a ransomware threat or message is detected. Doing so will limit the amount of data that can become compromised.

In addition, it’s also wise to contact your local FBI branch.

Ransomware is a form of extortion, which is something the FBI handles. The FBI will also let you know other steps to take in eliminating the threat.

How to Avoid Ransomware

Avoiding the threat of ransomware altogether is always the best course of action. By using reputable firewall and antivirus software at your business, you can drastically reduce the chances of ransomware threats.

In addition, you should back up your business data to a secondary, non-Internet enabled device regularly.

Likewise, you should also enable popup blockers within your browser, which can help you avoid accidentally clicking on infected ransomware messages.

Don’t become another victim: keep in mind the information above and steer your business clear of ransomware threats.

About the Author: Adam Groff is a freelance writer and creator content. He writes on a variety of topics including online security and business technology.