The Real Threat of Ransomware

The Threat of Ransomware

Ransomware is the top cybersecurity concern facing your business today.  Ransomware is not only a threat to your business, but also a real threat to the technology infrastructure of your nation and the world.

The Real Threat of Ransomware

"If you have built castles in the air, your work need not be lost; that is where they should be. Now put the foundations under them."

~ Henry David Thoreau, Walden

The Full Scoop

Ransomware is the top cybersecurity threat affecting business organizations today.  A major US Pipeline, Colonial Pipeline, has recently had to halt operations due to a opens in a new windowRansomware attack.  This is deeply impactful, as Colonial Pipeline delivers 45% of the fuel consumed on the US East Coast.  The threat to business operations, hospitals, utilities and governments is substantial.

Ransomware is a hacking technique where, most commonly, an end user is tricked into opening a file or email attachment. The file attachment acts as a trojan, that proceeds to encrypt the data files on your machine. Once your files are encrypted, the bad actors demand payment from you to recover your data.  This is called encrypting ransomware, and while not the only type, has become a prevalent issue for companies of all sizes.

Here are some tips for what you can be doing to protect yourself from Ransomware.

  • Training
    • Be sure you are training your end users.  Your IT Vendor can setup a world of security, but your employees are a line of defense that hackers are going to directly target and manipulate.  Keep in mind that, opens in a new window95% of Successful Security Attacks are due to human error.
  • System Updates
    • Security threats are constantly evolving.  Be certain your computer is updated with the latest vendor security patches.  Not only your personal work computer either, any device running an Operating System on your network will need occasional updates.  Think about all the hardware you have; networking devices, servers, phone systems.  If it is running software, it likely has security weaknesses.
  • Advanced Threat Detection
    • Gone are the days of needing a simple firewall and antivirus protection on your local computer.  Security solutions exist that will monitor your network and systems and data in real-time, against far more than just viruses.  These solutions keep themselves updated, and look for patterns while notifying your technology team of threats.  There is always more that can be done to protect your systems, so while budgets are important, speak with your trusted IT Partner on solutions that could be protecting you.
  • Insurance
    • Invest in a cyber security insurance policy.  This can help offset the cost in lost downtown and wages.  Be sure to speak with your insurance provider to understand what the insurance is really covering.  Policies often have caps on the amount of coverage for Ransomware, and may only help with investigation; but will not compensate you for lost wages.
  • Backups
    • When all lines of defense fail, be sure you have on-site and off-site backups you can restore from - and be testing those backups!  Do not assume your backup jobs are working, set aside time to occasionally test that they are fully functional.  Understand that cyber criminals will try to corrupt or encrypt your backups files too, which is why having an off-site copy is critical.

The average downtime for someone that has been hit with a Ransomware attack is approaching three weeks, and opens in a new windowthe costs are growing astronomically.  Take steps today to look into whether you are not only a target, because you are, but how well you would fare if a Ransomware attack happened to you.