Ransomware Attack: Is your business at risk?

By Bill MacLennan, CEO of Your Computer Hero

I get a lot of questions from business owners about ransomware attacks, as I should, the statistics about the cost of ransomware attacks on businesses is nothing short of terrifying.  Here are some statistics you should be aware of regarding ransomware attacks:

 

  • A new organization will fall victim to ransomware attack every 14 seconds in 2019, and every 11 seconds by 2021 (Source: Cyber Security Ventures)
  • Ransomware attacks have increased by 97% in the last 2 years. (Source: Phishme)
  • 34% of business hit took a week or more to regain access to their data. (Source: Kaspersky)
  • In 2019, ransomware from phishing emails increased by 109% over 2017 (Source: Phishme)
  • Ransomware generates over $25 million for hackers each year. (Source: Business Insider)

 

Definition: Ransomeware; noun: ransomware; noun: ransom-ware

a type of malicious software designed to block access to a computer system until a sum of money is paid.  Usually, a program is deployed on the system that encrypts the data, the hacker then demands a ransom to unlock the encryption so the owner of the data can have it back.

 

In this article I want to give you a behind the scenes look into how we guard our clients’ networks against such attacks and discuss four ways that companies can be vulnerable.

There are 4 best primary ways that companies can safeguard themselves against a successful ransomware attack:

  1. Educate employees about phishing scams. Most ransomware attacks are initiated through email. Employees can be duped into clicking on a link that deploys the encryption software. Clicking the link gives permission to load the encryption software which looks for the Windows vulnerabilities once on the system.  Just last month, Monore College in New York had their computer systems and website shut down by a ransomware attack.  Hackers demanded 2 million dollars for the encryption code to release the ransomware.  The malicious software entered the system by an employee who clicked on an email link.
  2. Upgrade-for Microsoft 7 users. Microsoft will discontinue free support of Windows 7 this January. After this time, you may pay for support for three years, the price is per computer and increases each year.  I recommend updating to Windows 10. The support is critical because it updates the vulnerabilities to the latest hacker schemes, like the most recent ransomware attacks known as the “wannacry” or “NotPetya.”
  3. Be VERY VIGILANT about updating and implementing patches. Scheduled maintenance is not an option for your business network and it is a critical service that we offer our business clients. It is absolutely paramount that updates and patches get implemented on a timely basis. If you are not totally certain that these updates are happening as they should, it may be time to talk to us about doing that maintenance for you.  If a ransomware attack circumvents your firewall, it looks for Windows system vulnerabilities on the computers in the network, the patches and updates address these vulnerabilities.
  4. You must have adequate backups. If a ransomware attack happens, the first place we will look for recovery is your data backups. The best backups include an off site/cloud based copy that has redundancy, so multiple copies and multiple days worth.   In light of these increasing attacks, and others like them, I have come to believe that the best defense against a costly cyber attack is the Datto device.  This is a hardware piece that creates an exact, real time image of a server or data store computer so the system can be booted back up right away after it is hit.  The Datto device also has ransomware blocker that dramatically decreases the chance of a successful attack.

Definition: Phishing

noun: phish-ing /’fiSHing/: the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers (or in this case click on a link that executes malicious software)

 

According to a poll from Insureon and Manta, only 16% of small business owners think they are susceptible to a cyberattack.  Yet, 61% of attacks occur at smaller businesses.  Don’t wait until you are under attack to get your cyber security plan in place!  If you have more questions than answers regarding the security of your network, call our shop today to talk to one of our expert technicians!  We would love to answer your questions about your current system and discuss how we can help you avoid being a victim of the increasing number and severity of ransomware attacks.