Ransomware Best Practices Part 1: What Is It and Will It Affect You?
Ransomware Best Practices
As the name suggests, ransomware is a malicious computer virus that holds your system’s data hostage. Believe it or not, despite that ransomware seems to be a scary new threat, it’s actually been around for nearly 30 years. The first ransomware attack, dubbed the AIDS Trojan, was spread via floppy disks masquerading as AIDS education software during a time when the world was panicking over this deadly new disease. The disks, distributed to a mailing list of 20,000 people, infected computers, warning users that their files had been encrypted, and instructing them to mail $189 to a PO Box in Panama to receive the decryption software.
Luckily, the first attempts to hijack computers were largely unsuccessful, since personal computers were fairly rare back then. Nowadays, however, the technology landscape is vastly different. Because of this, ransomware has gained a lot of traction in the last few years (and in turn, the ransomware best practices), capitalizing on the fact that nearly every type of company relies on computers and mobile devices in one way or another, and the vast majority of households have at least one PC.
We all have files on these computers, in the form of documents, spreadsheets, photos, videos, music, and more. As an individual, it’s difficult to imagine losing every file on your computer. It’s enough to make you shudder, right? But for organizations, losing or compromising company files can be absolutely devastating. Unfortunately, that’s exactly what ransomware threatens to do. So, it’s critical that you understand what ransomware is and the ransomware best practices you can apply to your company.
What the Heck Is Ransomware?
When it comes to ransomware best practices, the first thing anyone should do is educate themselves about the virus itself. So, let’s back up a minute, and talk more about what ransomware is and how it works.
Imagine that you’re sitting at your desk, combing through your email inbox. You get an official-looking email, one that says your credit card has been compromised, or that you have a package being held by FedEx, or that you need to review an invoice for a payment you know you didn’t make, or any other of a number of threatening, time-sensitive alerts to which you need to respond. Just like those first floppy disks, the creators of ransomware capitalize on their victims’ panic or fear. Wanting to immediately address this seemingly urgent issue, you click on the link or open the attachment, and boom, you’ve been infected. You won’t know it at first, because what happens next is a time-consuming, system-bogging process.
The virus that worms its way into your system sends out a request for a unique encryption key, which will be generated by the cyber-criminals who sent you the malicious email. That key is created and used to encrypt or lock down all of your files, preventing you from accessing them. Once your computer is completely taken over, you’ll get a notice on your screen letting you know that your files are being held hostage. If you’re connected to a network, as most company computers are, the virus will also attempt to spread to all of the other computers on your system, locking each one of them down—and bringing your business to a screeching halt.
At this point, you’ll be given a timeframe—anywhere from one day to one week, to pay up or be locked out of your files forever. The ransoms demanded used to be exorbitant. But today, cyber-crooks will ask for hundreds of dollars, not thousands, upping the chances that you’ll simply pay up to avoid the time- and resource-consuming headache of trying to rid your system of the ransomware. Usually, the ransom demand will average about $300 per computer, though the amount may go up the longer you take to pay.
If you’re thinking you’ll track down the cyber-crooks’ bank information, think again. Most ransomware requires payment in bitcoins. This form of crypto-currency has gained popularity among the seedy set, and for good reason, as bitcoins are an unregulated, nontrackable form of crypto-currency. It’s enough to send any company into widespread panic mode.
Will Ransomware Attack My Company?
Sadly, ransomware does not discriminate. Cyber-criminals cast a wide net to get the most amount of cash, indiscriminately sending ransomware to email inboxes at financial institutions, government agencies, large and small businesses, schools, and even hospitals. When healthcare organizations are targeted, the effects can be particularly devastating, even life-threatening, as doctors and nurses are locked out of critical patient files.
Though ransomware has largely developed as an alternative revenue stream for criminals looking to expand beyond credit-card fraud, your financial data is still at risk in the event of a ransomware attack. That’s because in addition to locking up your system, the malware can also capture credit-card details, bank numbers, or other critical data that these online extortionists can sell or use to boost their income.
Unfortunately, businesses are particularly vulnerable, more so than individuals, which is why many companies incoporate some sort of ransomware best practices system. When it comes to a data security solution, companies may take longer to install critical updates and security patches to their systems, fearing that their legacy software and operating systems might be affected. Once ransomware takes over, it’s a serious issue, regardless of whether companies satisfy the ransom demands. They are still suffering potentially massive productivity losses. They must also deal with the fact that their systems—and all the data housed on them—have become vulnerable to theft and malicious misuse.
What Can You Do to Protect Your Company from Ransomware? – Further Ransomware Best Practices
Should you fork over the cash? Sadly, many online extortionists don’t even release the decryption key once you’ve paid up. YIKES. So, what CAN you do to protect your company from ransomware? What are some more ransomware best practices? Stay tuned, because that will be the subject of the next post in this two-part series!