In a recent article, we discussed the rise of cryptojacking as a new method of hacking that is affecting businesses. However, this rise doesn’t negate the prevalence of ransomware (and data invasion) as a hacktic.
According to the Ponemon Institute for IMB Security’s 2017 Cost of Data Breach Study, the time it takes to detect a data breach is 191 days, with a range from 24 to 546 days. That’s a long time for hackers to have access to your data. For some companies, it’s longer — like the recent breach of Marriott Starwood’s data. While numbers aren’t yet solidified, millions of records have potentially been exposed, and the hackers were likely in the system for up to FOUR. Years.
Ransomware can affect anything, from personal details to financials to delay of movie screenings, cancellation of company acquisitions, and even city infrastructure.
So What Is Ransomware?
- A malicious file
- That holds info/systems hostage until payment is made
- Through email attachments or links via social engineering
There are 3 key tactics for ransomware:
A pop-up that indicates a security breach and requests immediate payment to download and protect your computer. This is a trick designed to get you to download the malicious file claiming to protect your computer (from a non-existent threat).
2. Screen Locking
You’re locked out! Often, an official-looking emblem mimicking a legal department agency will notify you that illegal activity has been discovered and you must pay a fine
Your files are locked with a code that requires the decryption key. Hackers will provide it in exchange for payment.
To sum it up, the fastest way to spot a ransomware attempt is to pause before you respond. Think:
- If you’re already paying for an anti-virus program, they wouldn’t be asking you to pay again.
- If you’re not sure, ask your boss or IT department
- If legal action needed to be taken, a department of the US would go through legal channels, not message you on your computer
- Any message reporting an encrypted file can only be unlocked with payment won’t be coming from legitimate communications. Restricted access is common in companies, but requiring payment to release that restriction is not.
How to Avoid Ransomware
1. Train your employees
This is number 1 because a vast majority of hacks happen due to human error. Your employees are only as weak as the training you provide them with.
2. Refresh their knowledge
Not once a year, not once per hire, this should happen monthly to quarterly. And it should be tested! Outsourced providers can set up a phishing test to see who of your employees fails to pass the test. Additional training — not reprimands or discipline — should be implemented.
3. Cybersecurity protocol
Have a plan in place. Have strategies. Create a doc for what to do if someone gets infected.
4. Anti-malware and anti-virus
Invest in trustworthy software that can catch the most basic forms. More advanced tactics (involving social engineering) will rely heavily on numbers 1 and 2.
5. Get an IT Provider
This step will take care of numbers 3 and 4. An IT Provider is well-versed in security and has a wealth of tools and knowledge for training, prevention, and crisis mitigation. They also have sandboxes, which are safe spaces to open and examine potentially damaging files, they have access to programs that can track the origin of the virus, and more.
IF YOU’VE BEEN INFECTED:
Time is of the essence. The less time a hacker has in your system, the less time there is to collect information or do damage. Report the incident immediately. If something about an email seems weird after-the-fact, tell your superior and inform your IT team.
Be vigilant in protecting your business. Train your employees regularly (monthly). Have a plan in place, and be consistent.
Subscribe to our blog