If you’re reading this because of the headline, chances are you’re planning on skipping to the end to see the answer. I’ll save you the trouble: you’re at risk.
If you’re reading this at all, it means you’re connected to the internet. On top of that, you’re probably someone who does at least some part of your job with a computer.
Ransomware is (mostly) indiscriminate. Successful attacks have been carried out against hospitals, charities, huge corporations, even police departments, and governments. Anyone who has data they can’t afford to lose is a potential target.
It works like this: once a system is compromised, the ransomware encrypts files, rendering them inaccessible without the decryption key, which won’t be turned over unless a ransom is paid. Some of the more sophisticated strains can spread themselves across networks, infecting more and more machines.
According to Microsoft, a typical ransomware infection is delivered either through email messages containing downloader trojans that attempt to install ransomware, or through websites hosting exploit kits that attempt to use vulnerabilities in your browser and other installed software to install ransomware.
The FBI says US victims who reported attacks to the Bureau paid a collective $24 million in ransom, but that’s not even the tip of the iceberg. Since the CryptoWall strain was discovered in 2015, victims have suffered an estimated $325 million in damages – and that’s just one virus.
If your organization depends on regular access to critical data, and can’t afford to go without, you’re a prime target. Imagine if a hospital couldn’t access patient files, or if a bank suddenly couldn’t access its financial data.
So, you’re at risk. You’ve got data, you can’t afford to lose that data, and you definitely don’t want to pay some jerk with a computer a whole bunch of money just for the privilege of regaining access to something you own in the first place.
So what do you do?
Well, number one is back up, back up, back up. Microsoft suggests any enterprise take an “assume breach” mindset. Don’t think about this as “if” you become the victim of an attack, but rather “when”.
You’re gonna get hit. So, if that’s the case, how do you mitigate the damage?
Protect, contain, and isolate your high-value assets. Use the 3-2-1 rule if you’re not already. This means having at least 3 total copies of your data, 2 of which are local but on different mediums (say, on your SAN as well as on a tape drive, archival CD, etc.), and at least 1 copy offsite (ideally in a secure facility on a very stable medium).
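The 3-2-1 rule above as a check over a backup inventory, as an added example that is not part of the original article; the inventory rows, dataset names and field names are constructed for illustration. It shows that three copies sitting on the same local medium satisfy the count but still fail the rule.

```python
from collections import defaultdict

# Constructed sample inventory: one row per copy of a dataset (primary included).
INVENTORY = [
    {"dataset": "patient-records", "medium": "san", "location": "local"},
    {"dataset": "patient-records", "medium": "tape", "location": "local"},
    {"dataset": "patient-records", "medium": "object-storage", "location": "offsite"},
    {"dataset": "finance-db", "medium": "san", "location": "local"},
    {"dataset": "finance-db", "medium": "san", "location": "local"},
    {"dataset": "finance-db", "medium": "san", "location": "local"},
    {"dataset": "hr-share", "medium": "nas", "location": "local"},
    {"dataset": "hr-share", "medium": "object-storage", "location": "offsite"},
]


def audit_321(inventory):
    """Return {dataset: [unmet 3-2-1 requirements]}; an empty list means compliant."""
    copies = defaultdict(list)
    for row in inventory:
        copies[row["dataset"]].append(row)

    report = {}
    for dataset, rows in copies.items():
        # Distinct media among the local copies only; offsite media do not count here.
        local_media = {r["medium"] for r in rows if r["location"] == "local"}
        has_offsite = any(r["location"] == "offsite" for r in rows)
        gaps = []
        if len(rows) < 3:
            gaps.append(f"only {len(rows)} total copies, need 3")
        if len(local_media) < 2:
            gaps.append(f"local copies span {len(local_media)} media, need 2")
        if not has_offsite:
            gaps.append("no offsite copy")
        report[dataset] = gaps
    return report


if __name__ == "__main__":
    for dataset, gaps in audit_321(INVENTORY).items():
        print(f"{dataset}: {'OK' if not gaps else '; '.join(gaps)}")
```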
Never click on suspicious emails or links. This one can be really tough, especially if you’re in something like an accounts receivable role, where your job depends on processing POs and invoices, all of them coming in on different attachments and formats all the time.
You can definitely develop an eye for what to look for, but that takes time and experience. Our cybersecurity training programs can help give your employees and colleagues that extra edge by sharing knowledge and experience, as well as best practices and strategies. Like it or not, the biggest security vulnerability in any network is the people who use it.
Make sure every program in your environment is up-to-date. This seems like a no-brainer, but how many of us know about environments that are operating on old versions, sometimes three or more versions out of date, because it’s too costly or difficult to upgrade?
Unfortunately, that’s a huge infection vector with a whole bunch of flashing lights all over it. We can help with that, too. Anything from a discussion with our cybersecurity experts about developing a strategy on how to get out of that situation, all the way up to a full-featured upgrade or migration service – we can get you all patched up, or operating in a more secure environment (such as the Microsoft Office 365 cloud); whatever works best for your needs and your budget.
Hopefully, you’re following industry best practices and have diligent backup strategies in place. But what if you are hit?
Step one is to disconnect that device ASAP – from your network and the internet. Quarantine it like you’re the CDC and this computer has the zombie virus from 28 Days Later. Don’t pay the ransom. Unless there is absolutely no other choice, all you’re doing is painting a huge target on your back. Paying announces that, not only can you not afford to do without the data they’ve stolen, but you can’t recover from an attack independently. This encourages a repeat attack, and even worse, doesn’t even guarantee you’ll actually get the data back. Sometimes the keys expire automatically after a certain time, rendering the data lost forever. Other times, the encryption corrupts the data irretrievably. And of course, there’s nothing obligating an attacker to return your data after you pay, even if there’s nothing wrong with it.
If this all seems a little stressful, that’s because it is. But not to worry; Broadview Networks has a huge depth of knowledge (as well as strong partnerships) in the fields of data security (including hardware and software), business continuity and backups, cybersecurity training, and a whole lot more.
Ransomware is scary, but we have a repeatedly proven method to help keep you safe. Reach out today and we can help tailor the very best solution for you.