WHAT IS RANSOMWARE AND WHAT DOES IT DO?

Overall, 1989 was a good year: The first episodes of The Simpsons and Seinfeld aired, the Berlin Wall came down, Nintendo released the Game Boy, and, perhaps most importantly, the World Wide Web was invented. However, with great leaps in technology came great leaps in efforts on the part of some people to ruin it for the rest of us, and 1989 was also the year that the first ransomware attack hit computers.

As one of the most costly forms of malware attack, ransomware has grown increasingly vicious and costly to combat over the past three decades. It is estimated that by the end of 2019, ransomware attacks will hit businesses every 14 seconds and cost $11.5 billion annually, and an estimated half of American businesses run the risk of being held hostage by ransomware.

How Ransomware Works

Early ransomware attacks—including that one back in 1989 that came on a floppy disk and demanded a $189 “licensing fee”—merely locked the victim’s computer screen and were relatively easy for a security expert to unlock. Today, ransomware is spread most often via phishing emails with malicious attachments, or by enticing a person who is unknowingly visiting an infected website to click a seemingly legitimate link. With one click, the malware is downloaded and installed on the person’s device without his or her knowledge. Suddenly, a poorly written ransom letter appears in a pop-up, and the cybercriminal promises to free up the device and any stolen data once a ransom—usually demanded in a hard-to-trace cryptocurrency such as bitcoin—is paid. Until the user pays the ransom, their data, computer, and livelihood are held hostage.

The FBI warns that criminals are also seeding websites with malicious code—and people’s computers with unpatched software are especially vulnerable. “Malvertising” can deliver ransomware code from apparently genuine websites without the person even clicking on a link. One especially infectious ransomware worm known as WannaCry managed to infect 75,000 computers without any of the people clicking on a single link or taking any action.

As for the costs of ransomware attacks, here are four things to know:

  1. Ransom demands vary. Typical ransomware demands can range from several hundred dollars to more than $100,000, with the largest ransomware heist coming in at roughly $1.62 million.
  2. It costs more than just the ransom. Erie County Medical Center ended up paying nearly $10 million as a result of a phishing scam—and that’s without even coughing up the original $30,000 ransom demand. Instead, expenses came from, among other things, having to replace computer hardware and software, hire assistance, and pay staff overtime, not to mention all the lost revenue during downtime.
  3. Paying the ransom isn’t a guarantee. Even if the ransom is paid, the business may still suffer from lost data, or the decryption key may not work. In some cases, the criminal may not even provide a decryption key.
  4. Ransomware’s true impact isn’t known. Because many attacks go unreported, the true cost of ransomware attacks is unknown. One estimate is that by 2019, ransomware attacks will cost businesses a mind-blowing $11.5 billion annually.

Preempt—Don’t Pay Out

Don’t wait until your company is held hostage by ransomware to get up to speed. Be proactive with these six ways to protect your company from ransomware.

  1. Create a culture of security awareness. Most ransomware attacks happen when a person clicks on a bad link or visits a fake website. Keep your employees aware of security issues throughout the year by engaging them with security awareness training.
  2. Develop a security incident response plan. Being security aware means being prepared, and it’s never too early to start planning for an attack. The number one thing to instill in your team: Take your computer offline ASAP if you suspect a ransomware attack and report it right away.
  3. Back it up, darn it! Sometimes, even when criminals get the ransom they’re looking for, they don’t return your data. To avoid this costly, embarrassing situation, back up your data regularly using any of the dozens of free backup solutions available. Knowing your data is safe will make the decision to not pay a criminal even easier.
  4. Secure your networks. Patch your operating system and keep it up to date, and strengthen your passwords and security protocols. Cybercriminals love vulnerabilities. Give them less to love.
  5. Install antivirus and antimalware software. You know you should do it, so just do it.
  6. Have your employees check their personal computers. More often than not, employees access their work email or an office portal from home, so if you’re not sure if they’re properly preempting an attack, talk to the people who know before your well-meaning employees accidentally open a can of very expensive worms.

Lastly, whatever you do, do not, under any circumstances, pay the criminal. According to a report by CyberEdge Group, only 19 percent of companies that pay the ransom ever see their data again, so it’s just not worth it. Schedule a demo today with the experts at Habitu8 to learn more about how the right security awareness training can help protect your company from the pitfalls and costs of ransomware.

 

 

Request a Consultation