Ransomware is a well-named type of cyberattack. Cybercriminals taking this approach kidnap your data. After accessing your network, they encrypt files and demand payment for the passcode. Here are the top seven things you need to know about this business threat.
#1 It Can Happen to You
Cybercriminals rely on your false confidence. Don’t think “it won’t happen to me.” Attacks on government, education, healthcare, or financial institutions get publicity. Yet organizations of all types and sizes are targeted.
#2 Ransomware Spreads Fast
Ransomware is malware, malicious software that can reach throughout a network. So, if Jane from accounting opens a ransomware file, every single computer on your business network could be infected. The virus can spread between businesses, too. Consider the debilitating WannaCry ransomware attack of 2017. Within four days of its first detection in Europe, the strain had spread to 116 countries.
#3 Ransomware Targets People
A common method to send out phishing emails in the hope of having people enter their access credentials. Targeted business communication emails work, too. The attacker gets to know your business first. Then they send an email impersonating a colleague, supplier, or customer asking you to take action or update contact details by clicking on the link or downloading a file.
#4 Ransomware is Costly
Once the ransomware is installed on your system, it locks down your files. To regain access to the files, you need the password or decryption key the attacker supplies when you pay up; that’s if they keep their end of the bargain once you pay the ransom. These are crooks you’re dealing with after all!
In Coveware’s analysis of Q3 2019, the average ransom payment increased by 13% to $41,198 as compared to $36,295 in Q2 of 2019. And that’s just the cost of the ransom. Indirect costs include the cost of downtime, lost revenue, and long-term brand damage. There’s also the expense of removing the ransomware, forensic analysis, and rebuilding systems.
The average ransomware attack in Q3 2019 resulted in 12.1 days of downtime. — Coveware
#5 Ransom Requires Cryptocurrency
Ransom payment is usually made by bitcoin or another cryptocurrency. Your business needs to buy cryptocurrency with actual cash, then transmit the ransom. They choose cryptocurrency because it’s very difficult to trace. It doesn’t help you that bitcoin is not something you can charge back like a credit card.
#6 A Recovery Plan Helps
Planning in advance can help you respond more reasonably. Document plans to disconnect infected computers from the network as soon as possible. Also, power down any machines that could be vulnerable to avoid spreading contagion.
You should also discuss in advance whether or not your business will pay a ransom. Weighing the costs and benefits without a deadline on the decision can help you react more strategically.
#7 You Can Take Action
You don’t have to sit around worrying and waiting for a ransomware attack. There are many things you can do to help prevent this type of attack:
- Filter traffic, preventing it from coming into your network in the first place.
- Scan inbound emails for known threats, and block certain attachment types.
- Use antivirus and anti-spam solutions and regularly upgrade and patch vulnerable software.
- Educate all users about social engineering.
- Allow remote access to your network only from secure virtual private networks.
- Back up your data to more than one location so that you can restore any impacted files from a known source.