Any business, large or small, and any single Joe Blow in a small town, can be the victim of ransomware.
Ransomware is so lucrative and easy, that some cybercrooks are abandoning more traditional ways of committing theft (e.g., busting into someone else's bank account and wiping it clean).
- The thief hacks into your computer and encrypts your files (makes them appear like nonsensical jumble). Or:
- Thief deploys a virus in an attachment or places it on an infected website and when your insecure devise comes in contact with it, you're infected.
- The thief says he'll give you a "key" to "unlock" the encryption-but for a price, usually in bitcoins.
- Even if you had your files backed up prior to the attack, the attack will still cost you, such as having to decontaminate your computer and time involved in restoring thousands of files.
- Though a small town housewife can be targeted, hackers prefer businesses that depend on daily use of crucial data, who are most likely to pay the ransom very quickly. These include financial institutions, hospitals and airlines.
How to Protect Yourself or Your Company
- Implement daily data backup (thumb drive, cloud, network shares).
- It's recommended your backup include an offline device like a flash drive, external drive and cloud backup.
- Seek out cloud backup that deploys "versioning". More info here.
- If you back up with an external hard drive, keep the drive connected to your computer only during backups; otherwise if it's connected at the time of a ransomware attack, it, too, will become scrambled.
- Big businesses may opt to pay the ransom when time is of the essence, such as hospital systems, so the key is to prevent attacks. The hacker's No. 1 tool is the phishing e-mail. These e-mails trick people (employees) into clicking on links that then download the ransomware program to your computer.
- Businesses should implement rigorous, ongoing training to employees for recognizing phishing attacks.
- Be careful about ads you click on, as hackers can embed malware in them. Use an ad blocker. This is called "malvertising".
- Businesses should use multiple servers for groups of employees rather than one server for a mass of employees.
- Limit system permissions.
- Keep third party plugins updated.
- Immediately upon realization of a malware attack, businesses should shut down infected systems from the entire network to prevent spreading. Bluetooth and Wi-Fi should also be disconnected.
Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.
Top of Page keyboard_arrow_right