On March 22, 2018, a remote-triggered ransomware called “SamSam” demanded a one-time payment of $51,000 be made to restore the city of Atlanta, Georgia’s, data. Despite an operating budget somewhere in the neighborhood of $625 million, Atlanta’s municipal leaders refused to pay the fine. The “hostage situation” has cost the city over $2 million already with an expected $9.5 million more likely to be spent restoring and re-enforcing the municipality’s network and infrastructure. This doesn’t take into account downtime and the significant amount of data lost in the hack. Whether or not you think it’s a good idea to not pay the ransom, if a whole city – especially one as large as Atlanta – can effectively be crippled by a single hack, you better believe that your business has to get serious about its cybersecurity efforts.
The situation in Atlanta, where months later they are still foraging through the rubble, is a cautionary tale for everyone; and by in large, you are seeing that everyone is taking this threat seriously. With WannaCry, Not Petya, Locky, and Crysis all hitting the business community in 2017, it has become evident to a lot of business owners that they only thing standing between a fate where they are paying some dissident group for their own data, and one where they are insulated from this hell is their ability to act on the cyber security strategies they’ve created for their business. Today, we will go into why these attacks keep happening and provide you with some of the best practices organizations like yours are going to have to implement (and stay on top of) if you don’t want to be just another victim of hackers looking to make a quick buck.
Reasons for Ransomware
The most common reason is for money. Cybercriminals are extortionists. They target people and organizations who can (and will) pay. Law enforcement and security professionals have worked extensively to understand what makes a cybercriminal do what they do. Many black-hat hackers don’t get into hacking to cause chaos, but because they were curious. A lot of companies and organizations have major security holes in their networks. When a hacker sees this, they do a little digging around. Before you know it, the hacker is taking valuable information and, possibly, selling it with other companies.
So, why ransomware? Money. More specifically, cryptocurrency. The combination of demanding a ransom and the anonymity of cryptocurrency has made ransomware a popular tool among hackers.
Ransomware is also easily accessible. The dark web is crawling with hackers dealing Ransomware-as-a-Service. Code that would have years ago required professional coders is available to anyone for the right price.
Finally, the abundance of vulnerabilities makes ransomware easier to execute. There are two vulnerabilities that hackers are willing and able to exploit. The first is holes in operating system security. This is exacerbated by using outdated software. The second is the user. Not being properly trained on how to deal with suspicious software or email attachments can leave your network in danger. No security tool is advanced enough to stop an untrained user from clicking on the wrong link.
Network security practices and tools have gotten better. IT administrators and cybersecurity professionals are continuing to implement advancements, such as improved encryption. However, as security has evolved, so too have the hackers.
Cybercriminals are using new tactics, like social engineering and phishing scams, to bypass more secure networks. With new threats coming at a near daily basis, it’s difficult for the average user to know whether they are reading a real or spoofed email.
What Can You Do?
There is no ironclad, 100% effective network security solution, but there are strategies that can significantly reduce your organization’s chances or consequences of being affected by ransomware. They are:
- Back up your data:It cannot be said enough, you need to regularly back up all your critical business data and securely store it offsite. Hackers gain the upper hand by locking a user out from accessing their files and documents. With a secure, offsite backup, you won’t need to worry about losing access to your information. The little bit of downtime is a much more reasonable price to pay than losing everything your business needs to operate. Working with experienced IT professionals, like the ones at IT Support Guys, will allow you to implement and operate a comprehensive data backup and recovery solution.
- Educating employees:Ransomware is spread like any other piece of malware, through email attachments, links, downloads, or malicious websites. Frequent employee training to be aware of these vehicles for ransomware could be the thing that keeps your network safe.
- Restricting access and code execution: Sometimes ransomware is written to execute from data folders. Having a full access control system in place can add a line of defense to your security system.
- Maintaining and patching software regularly: Software developers are always fixing vulnerabilities and updating programs to the latest security standards. Keeping your software up-to-date can go a long way toward keeping ransomware off your network.
This list is just the tip of the iceberg when it comes to ways to better protect your network and business data from ransomware and other malware threats.
The IT professionals at IT Support Guys are experts at keeping network and infrastructure up and running, reducing downtime and providing a dynamic, secure, and reliable computing environment conductive to high-levels of productivity.
Ransomware may be a huge threat to the health of your business, but with the right solutions and practices, your organization can stay ahead of the curve. Call us today at 855-4IT-GUYS (855-448-4897) to learn more about our comprehensive cybersecurity services.