With the multitude of ransomware attacks that have been in the news recently, we’ve been receiving various questions surrounding this topic. So, we wanted to clear up any confusion on this topic.
First of all, what is ransomware?
As the name suggests, it is software that can hold your individual computer or your business’ entire system for ransom. A cyber thief will take control of your network and not relinquish control until you have paid the requested amount.
According to Chainanalysis, which is a blockchain research firm, ransomware attacks are up over 340% in the past year. Over $400 million dollars have been paid in ransoms.
The average ransom amount has been on the rise over the past few years. In 2021, the average ransom requested is over $50,000.
Naturally, this leads us to the question of “How does ransomware get on your computer or in your network?”
The most typical way hackers accomplish this is via phishing emails. These emails will pretend to be from an authoritative entity, like your bank or PayPal. In reality, they are just posing as them and hoping to get you to enter your username and password into an online form that they created.
Now, according to security company SecureAuth, more than 50% of people use the same password for multiple accounts. Thus, if a hacker can get one username and password combination from you, there’s a 50% chance that it can be used for all accounts that are associated with you.
Another common way that a ransomware attack occurs is through tricking you or your employees into downloading a piece of malicious software. The download could appear to be a pdf or some other innocuous file type. Once it’s in your system, it works like a virus. It will lock everyone out and demand a payment.
What happens if you refuse to pay?
If you choose not to pay the ransom, there are a few different scenarios that could happen.
Scenario 1 – They move onto the next victim. This is the best-case scenario and leaves you in a position of having to restore your system.
Scenario 2 – They discover that you won’t pay, so they leak private information about you or your clients online. Depending upon what type of data you store, this could prove to be a huge blow to your reputation.
Scenario 3 – They discover that you won’t pay, so they decide to make their money a different way. They sell the private data of you and your clients on the dark web. Again, depending upon what type of data you have, they could make more money this way than if you decided to pay.
So, how can you protect yourself and your business from this type of attack?
There are 5 very clear steps for you to take to accomplish this goal.
Step 1 – Make sure that your entire system is backed up nightly offsite and off-network. You should retain at least 2 weeks of full backups (or a month if you have the digital space). This way, if the code doesn’t attack right away, you have the option of multiple data sets.
Step 2 – Have a plan in place for restoring from a backup in 24 hours or less if possible.
Step 3 – Train your employees to recognize cyber threats in all forms. There are many cyber training programs available that will send tips, tricks and quizzes on a monthly basis.
Step 4 – Keep your antivirus and firewall software up to date. You will see some added protection if you get your employees to use a VPN as well.
Step 5 –No system is impenetrable and many times, human error is the cause. Purchase a standalone cyber insurance policy to guard against this. Most cyber insurance policies cover this type of attack and provide the support to get you back up and running smoothly.
Have questions about any of these steps or how to purchase a cyber policy? Contact INF at 412.563.2106. We can get you a policy in less than a week!