Back in the day, malware such as viruses, spyware, and Trojan horses only had the ability to disrupt computer systems. But nowadays, there is one type of malware that poses a greater danger: ransomware.
Question 1: What is ransomware?
Ransomware is a type of malicious software that encrypts a user’s files, which can only be decrypted after paying a ransom, usually in Bitcoin or another cryptocurrency. While the first ransomware variants were developed in the late 1980s, this malware type rose to popularity in 2013 through the infamous Cryptolocker program.
Question 2: How do I get infected with ransomware?
Ransomware is commonly distributed through spam email. These messages may contain malware-laden attachments or links. Spam emails may even use social engineering to induce a sense of urgency in the victim. For instance, cybercriminals may send an email purportedly from the FBI saying that the recipient was caught watching illegal pornography or downloading pirated software.
Ransomware can also spread through malvertising, or the use of online advertising to distribute malware with little to no user interaction required. Even if a user visits legitimate websites, they can be directed to malware-laden servers without clicking on an ad. The server will then detect the user’s PC and location, and deliver the best malware to get what they want from the victim, which is usually ransomware.
Question 3: Who gets infected with ransomware?
While ransomware used to infect people’s personal devices, more ransomware variants are now targeting businesses that may be more capable of paying. For instance, the University of California, San Francisco paid $1.14 million when ransomware infected their systems, and eventually received a key to unlock their files.
Cybercriminals are targeting more small businesses because of the latter’s lack of proper cybersecurity solutions. In fact, according to Datto, ransomware is the top threat for small- and medium-sized businesses (SMBs) today. While the average ransom is about $5,900, this does not yet include the cost of downtime, which is around $141,000 ─ enough to shut down SMBs.
Question 4: My PCs are infected ─ should I pay the ransom?
It’s not recommended to pay the ransom demanded by cybercriminals. While it may be tempting to do so to ensure business continuity, there is no guarantee that the cybercriminals will provide a decryption key and give your files back. Paying only fuels hackers’ desire to attack and funds future cyberattacks and target other companies.
If your PCs are infected with ransomware, check for available decryptors online. However, not every ransomware has an available decryptor, so if there's none available, see if you can restore your files from an offline backup.
Question 5: How can I protect my business from ransomware?
1. Keep disconnected backups
Many ransomware variants can make a computer unusable, making restoration from internal backups impossible. Keep your important files in external storage systems like CDs and DVDs, flash and external hard drives, or cloud backups. Since the data is not within the system, they cannot be infected by the ransomware.
2. Keep your security software updated
Most ransomware variants infect files by exploiting bugs in security software. Ensure that your antivirus and anti-malware software are always updated, as updates contain security patches that can prevent damage to your system.
3. Educate your employees
Your employees are your cybersecurity’s weakest link, so it's essential to train them in spotting, preventing, and dispatching ransomware. You can run a ransomware simulator to simulate infection scenarios to demonstrate how an attack could possibly look on your network, as well as what can be done to mitigate it.
What's more, teach your employees to develop and implement cybersecurity best practices such as refraining from visiting potentially malicious websites and downloading attachments from suspicious emails.
4. Partner with INFINIT Consulting
Your small business may not have the right resources to fend off ransomware and other cyberattacks, so it’s a good idea to partner with a managed IT services provider like INFINIT Consulting. With proactive, multilayered cybersecurity solutions, we will minimize the likelihood of ransomware ─ or any type of malware ─ infecting your systems so you can focus on growing your business.
As ransomware threats become more dangerous, your Campbell business needs the best cybersecurity partner. INFINIT will provide a transparent, optimized, integrated, and intelligent approach to IT security, so your data is secured at all times. To learn more, contact us today for an introductory assessment.