Cybercriminals collected $209 million in the first three months of 2016 by extorting businesses and institutions to unlock computer servers.1 And that estimate is probably low, considering many companies fail to report such attacks for a variety of reasons. This type of crime has grown rapidly and is quickly becoming a favorite of attackers because it is so easy to execute. An attack like this on your business can have disastrous effects, many of which aren’t seen until after the ransom is paid.
Simply put, it’s a type of malware that gets into a computer from a user interaction and encrypts files, making them inaccessible. The goal is to shut down your ability to do normal business. The attacker then demands a ransom for the key to unlock your data.
One recently publicized attack underscores how difficult it can be to decide what to do.
An L.A.-area hospital was targeted and hundreds of patients’ lives were put at risk. The attackers achieved their infiltration through a simple targeted phishing email and one click of an attachment locked up the hospital’s medical records. They had very little recourse and ended up paying $17,000 to the attackers for the key to their own data2. In this case, paying the ransom was an easy choice with real health concerns in the mix, but that’s also what made them an ideal target. If you get hit with a ransomware attack, your organization will have an extremely difficult decision to make. Neither is ideal.
This is certainly the easiest way to get back up and running, but it only increases the likelihood you’ll be attacked again. Additionally, you are funneling money to organized crime or potentially even terror organizations. In some cases, companies paid the ransom only to have the attackers ask for more.
If you choose not to pay the ransom and have a good backup, then the choice is clear you can have your files restored. We take care of this for you with our backup solutions as deployed.
While ransomware attacks may have spiked, the tactics for preventing them are not new. It’s the same for all types of malware. Educate your employees on proper email protocol. Keep hardware and software patched and up-to-date, especially on your endpoints (Managed K2 Technologies clients get this done for you). And manage the access of your privileged accounts. This means removing local admin permissions and having all new software and updates taken care of by K2 Technologies.
That said, like malware, it’s nearly impossible to stop everything. Per the FBI, your best defense against this type of attack is having a strong backup policy. Not just backup. Backup Policy.
That means you:
To us, this just further underscores the need to have a strong recovery plan that includes backup and disaster recovery (DR). Many companies, once they have a DR solution in place, are choosing to use less and less backup to save costs. The problem is, while incredibly useful, disaster recovery faithfully replicates your current environment. If that environment is compromised, so is your DR.
When you have a solution like K2 Technologies BDR or K2 File Sync, you don’t need to take that risk. It’s a few simple steps that could save you from a disastrous attack. Please contact us at 307-686-3025 for more in-depth discussions.
See how integrated cloud backup and disaster recovery provide you with greater security on our Backup and Recovery page.
1Fitzpatrick, David, and Griffin, Drew. Cyber-extortion losses skyrocket, says FBI. CNN Money. 2016. http://money.cnn.com/2016/04/15/technology/ransomware-cyber-security/
2Staff Report. LA Hospital Paid 17K Ransom to Hackers of Its Computer Network. NBC Los Angeles. 2016. http://www.nbclosangeles.com/news/local/Hollywood-Presbyterian-Paid-17K-Ransom-to-Hackers-369199031.html
3FBI Public Service Announcement. Ransomware Victims Urged To Report Infections To Federal Law Enforcement. September, 2016. https://www.ic3.gov/media/2016/160915.aspx