We’ve all heard of ransomware, right? That boogeyman that everyone in the IT sphere wants you to be petrified of? Let’s look at who is generally at risk and how those attacks actually occur – instead of dumping tens of thousands of your hard earned dollars in a panic.
Who is at risk?
To answer that question, you need to understand the psychology of the attacker. Is it pure malice? Mischief? The answer used to be yes, when viruses ran the web and that was the big scary thing from the ’90’s to 2010’s. Viruses, as they were, are virtually non-existent in modern society. I would posit the only thing we really have that mimics virus behavior of the past IS
ransomware.
It’s said the greatest motivators of man are sex and money. Arguably ransomware covers both: it infects your computer, you are then extorted for a large sum of money (usually in the form of Bitcoin or other cryptocurrency) and are forced to turn to prostitution to pay it off! So to get back to the question: who’s at risk? Obviously governments, critical infrastructure, healthcare, etc. These are the most likely to pay as they have the deepest pockets. Other, larger industries, multinationals and publicly traded companies certainly fall in second place. What about small business? Is there a significant risk factor there?
The answer, as with so many of these things, depends on your industry and online exposure. The largest sector of small business is retail. Primarily those that o er online shopping. In the not too recent past, attackers would use “web skimmers” to capture credit card info from shoppers and exploit the stolen data on a consumer level. Ransomware provides a new level:
Just destroy the entire store and o er to maybe give it back for a huge sum, this provides a single point of leverage and ease.
Given the prevalence of online shopping (especially after the last couple years), it’s a target rich environment. And one with relatively lax security.
How does it get on your system?
It’s just a crazy outside attack that penetrates your off-the-shelf Walmart firewall and gets into all your computers. Now you need to spend $30,000 on brand spanking new Cisco network hardware and you’re good. Right? Not at all. That’s virtually never the case. Even with a hardened network, using best practices, the weakest link is always…. the human. The path for ransomware to enter your network is either a link in a spurious phishing email, a malicious macro in an emailed spreadsheet or
occasionally malicious advertising code embedded in some salacious picture you clicked on.
So… how can I prevent it?
There’s a point to spending money on networking hardware (i.e. the vehicle your computer uses to talk to other computers). There’s a level of outside intrusion prevention and detection, control of network access and usually components of web filtering – none of this is truly effective at malware prevention.
Learning good habits is the best form of prevention. Today, we want to not think, to just assume we’re walking in fluffy rose beds. This laziness of mind is exactly why this is as big a problem as it is. If you get an email from something that says someone familiar’s name with a link, do you double check the sender’s email address? You should. Download and open an attachment without checking the same? Do you run good ad blocking software (I recommend uBlock Origin)? That’ll keep you out of 90% of the trouble you might find yourself in.
We often find ourselves with employees. Bob comes in with a hangover, forgets his diligence for 30 minutes, clicks on an infected link and… you’re screwed. This is a frequent story. Some of the ransomware out there is new to the point it hasn’t got any signature registered with the anti-malware companies to defend against. We’re past prevention, now we need to mitigate
the disaster.
I won’t waste a bunch of time on ransomware recovery. Suffice it to say – have a comprehensive & TESTED on- AND o -site backup for every critical system in your business. Most businesses that don’t will never recover from this.
Have more questions? Need help determining if you have best practices, policies and software in place? Would you like someone to come in and train your employees? I’d be honored to help answer your questions and help you ensure your business is standing on secure footing going forward.