What do you do when your data is kidnapped? According to a 2014 UK research study, 41% of ransomware victims were more than willing to cave in to the demands of ransom-takers than lose their invaluable digital files for good.
What would the sherriff do?
In 2014, the Dickson Sherriff’s Office paid $572 as ransom when the CryptoWall ransomware infected the department’s report management system. Though the law enforcement agency had no intention of meeting the extortionist’s demands, the Sheriff ended up paying because the records being held at ransom were sensitive, non-replaceable information. Their loss could have affected the county’s operations, ongoing investigations, and crime victims as well as citizens.
More recently, the Swedesboro-Woolwich School District in New Jersey was the victim to a ransomware attack on March 24th where the hackers demanded the ransom in bitcoins – 500 BTC, roughly $125,000. The attack took down all computer terminals, including POS terminals and email access.
Ransomware is a major crime
No matter how realistic the response to a ransomware attack may be, agreeing to pay the ransom is a far greater expense than keeping your security and backups up-to-date. Ransomware is a major crime – one that preys on the vulnerability of its victims. Since there is no guarantee that future attacks will not happen, it’s wiser to stick to the first line of defense: backup!
How To Play It Safe:
- Regularly back up all high-value data sticking to the 3-2-1 principle: 3 copies, 2 different media, 1 separate location.
- Ensure that up-to-date data backups are available offline and highly protected from unauthorized deletion.
- Deploy a multi-layer security framework that does not compromise the corporate network even in a BYOD (bring-your-own-device) and remote access environment.
- Keep operating systems protected with up-to-date enterprise security software.
- Train your employees (repeatedly!) to be on their guard against unsolicited emails, even the ones that look legitimate, and to never open email attachments or click on Twitter links/URLs from people they don’t know.
- Don’t give away administrative privileges to user accounts.
Ransomware comes from the same family of malware that is programmed to first disable the functionality of your computer and then demand a ransom for the key to allegedly restore it.
Both CryptoLocker and CryptoWall, reveal themselves only after they have scrambled and encrypted your files. The toolkit these criminals have at their disposal is constantly growing with new variants appearing to wreak havoc across the digital landscape.
One of the more recent and publicized attacks involved TeslaCrypt, a variant of CryptoLocker, which appeared in early March 2015, targeting gamers for the first time.
The ransomware of the future is likely to take on more deceptive forms. A good number of ransomware programs are programmed to hit enterprises because the stakes are higher when it comes to losing sensitive corporate data. Knowing that a successful enterprise-level intrusion can wreak tremendous damage in terms of operations and reputation, ransom-takers ravenously seek out databases, CAD files and financial data.
According to McAfee’s 2015 Threats Prediction report, the total number of ransomware samples in their lab surpassed 2 million by end of Q3, 2014. The report expects hackers to refine their ransomware attacks for POS terminals and cloud-based storage systems in 2015.
Sounds scary, but there is a way out! With up-to-date disaster recovery planning, the impact of a ransomware attack can be drastically minimized and possibly even deter ransom-takers from targeting enterprises once they realize the kidnapped data can be easily recovered from offline backups.
So why pay when you can play it safe?
Contact Now to Discuss Your Backup and Disaster Recovery Options.
Call us at:
1-877-463-7638 (in Canada) or 1-877-386-3763 (in the US)
Complete our contact form to schedule your free network consultation by clicking Complimentary Backup and Disaster Recovery Assessment