Ransomware is a vicious form of malware that locks users out of their devices or blocks access to files until a ransom is paid. There are numerous variants, with some ransomware designed to attack Windows devices, and others geared towards Macs or mobile devices. The WannaCry outbreak is a recent example of this form of malware that’s infecting Windows computers.
Evolution of ransomware
While ransomware has been around since the late 1980s, it went “pro” in September 2013 when CryptoLocker was released. It was the first cryptographic malware, and spread quickly via downloads from a compromised website and/or emails made to look like customer complaints. It was estimated that more than $27 million was paid in ransom.
That may seem like a hefty amount to pay out, but ransom payments have since increased exponentially, with CNN reporting that cybercriminals collected more than $209 million in the first quarter of 2016!
Over time, encrypted browser software such as Tor, anonymous currencies like bitcoin, and increasingly intelligent cybercriminals have turned ransomware into the #1 security concern of organizations.
Protecting your business
Cybercriminals do not particularly care who their victims are, as long as they can pay a ransom. With a scattergun approach to propagating ransomware, cybercriminals cast the net as wide as possible to maximize their returns.
Here is how you can protect your business:
Educate your users
Most people can’t tell a phishing email from a safe email. Teach your employees to recognize a phishing email. Train them to open only emails that come from people they know and pertain to topics they would expect to discuss with those people, and to avoid navigating to URLs sent in emails.
“Humans need to be trained; they are the weakest link,” says Paul Kubler, a cybersecurity and digital forensics examiner at LIFARS LLC. “Companies should employ at minimum a bi-annual training geared towards each user group so that everyone is aware of the latest attacks.”
Use a layered defense and update your software regularly
Ransomware attacks involve many different elements. They can start off as a spam email with a link to a malicious website that exploits vulnerabilities in your system to download the virus. A layered approach to cybersecurity, such as email security as well as network protection, can defend you at each of these points. Each layer creates an extra obstacle for the malware, making it more difficult for the attack to be successful.
Keep your operating system, third-party applications, and antivirus programs updated at all times. These are layers of defense for your data, and while they are not bulletproof, they can go a long way in protecting you.
Back up your data often
Business devices often contain sensitive information, as well as operation-critical information such as customer data and business plans. Losing this data to a ransomware attack could severely cripple your business processes. Ensure regular backups are made of all important data, and that these backups are also routinely tested to make sure they work.
According to Steven J.J. Weisman, author of Scamicide, “The best defense against ransomware is to back up all of your data each day. In fact, my rule is to have three backup copies using two different formats with one off site.”
Ransomware isn’t going anywhere, and it is up to each business to protect itself from being the next victim of this type of cybercrime. Mozy by Dell can help. You can avoid a ransomware disaster!