ransomware hackers today

Hackers Today Use Ransomware

Hackers today are much more creative than their forerunners. Rather than stealing your credit card info and running up as many charges as possible before the bank stops them, they now focus on holding captive your sensitive data and offering to release it back to you for a fee and that is what is called Ransomware.ransomware

Almost every industry holds personal and private data of their clients, so ransomware attacks not only impact business operations but individual customers and their data. Most states have laws about informing consumers of a data breach, and once the general public or your customer base knows you’ve been attacked, then trust and credibility are lost, sometimes irreparably. Data held for ransom could include confidential information about assets, employees, vendor contracts and bank accounts, social’s, medical records, or multitudes of other sensitive data that could impact your business or clients if released or misused.

cybersecurity

These hackers typically use your own system to lock your data, then request a payment or threaten to post private information online for all to see, or simply sell or use the data themselves. After receipt of the “ransom” payment, the hacker usually follows through on the promise so as not to endanger the potential of future ransom payments.

There are many other headaches associated with being attacked, from hiring investigative firms to see how the attack happened, to implementing prevention measures to mitigate future risks, to the business interruption that occurs when an attack stops everything in its tracks.

Rasomware Payment is Required in Bitcoin

Ransomware payments are almost entirely expected to be made in bitcoin, which is confusing and difficult for most small business owners to obtain. There are companies out there that will sell you bitcoin like any other currency, however responding to a ransomware attack alone is confusing and overwhelming. Too many business’s don’t have the specific insurance policy in place to cover such an attack, and therefore pay for the costs of dealing with the problem out of pocket. There are many other companies that focus on helping business’s deal with a ransomware attack and put programs in place to prevent it from happening in the future. That’s why being prepared is a business’s number one defense, as the numbers continue to rise, the possibility of attack becomes a “when”, not an “if”.

bitcoin

Hackers identify profitable targets from online profiles, company websites, and public real estate records. Typically, small to midsized businesses are targeted. More than 4,000 ransomware attached have occurred every day since the beginning of 2016. That’s a 300% increase from 2015.* The total number of users who encountered ransomware between April 2016 and March 2017 rose by 11.4% compared to the previous 12 months (April 2015 to March 2016) – from 2,315,931 to 2,581,026 users around the world.**

The main access point for hackers seems to email. If they gather enough information about you from accessing or intercepting your emails, they will be able to, in many situations, gain access to your systems.

The more they learn about you, the more likely they will succeed in extorting a better "ransom". In many instances, the FBI recommends paying the ransom because the alternative resolutions are more expensive than the cost of the ransom.

9 Ways to Mitigate Your Risk?

  1. Backup your files regularly and keep a recent backup off-site.

The only backup you’ll ever regret is one you left for “another day.” Backups can protect your data against more than just ransomware: theft, fire, flood or accidental deletion all have the same effect. Make sure you encrypt the backed up data so only you can restore it.

  1. Don’t enable macros.

A lot of ransomware is distributed in Office documents that trick users into enabling macros. Microsoft has just released a new tool in Office 2016 that can limit the functionality of macros by preventing you from enabling them on documents downloaded from the internet.

  1. Be very careful about opening unsolicited attachments.

Most Windows ransomware in recent months has been embedded in documents distributed as email attachments.

  1. Don’t give yourself more login power than necessary.

Don’t stay logged in as an administrator any longer than necessary. Avoid browsing, opening documents or other regular work activities while logged in as administrator. Compartmentalize your business so that very few or no individuals have unlimited access to all files.

  1. Patch everything.

Malware that doesn’t come in via document macros often relies on bugs in software and applications. When you apply security patches, you give the cybercriminals fewer options for infecting you with ransomware.

  1. Purchase, Install, & Update Comprehensive Firewall and anti-virus and malware programs.

Don’t have your own IT department or in-house technical expert? Hire a firm to take care of all digital security. The money you will invest in cyber-defense is a true investment in your business that you will not regret.

  1. Contact your Insurance broker/agent for a policy that will cover for Digital and cyber attacks or mistakes.

Each insurance company offers a slightly different policy, and each policy can be customized to fit your business needs and exposures. Be sure to discuss with your broker exactly where your exposures might lie- how you collect and store your client’s data and what type of data do you collect, how much of your revenues depend on online marketing or an online store, and how much your business might be impacted financially if all business operations had to stop due to an attack.

  1. Train Employees to recognize and respond.

Many ransomware attacks start out as phishing, where a legitimate-looking email tells you to download an attachment or click on a link. Training employees on what a phishing email might look like and how to respond appropriately will help prevent virus’s from gaining access. Most ransomware attacks rely on a level of human fallibility to allow access because the human on the other end thinks the source is trusted and allows the ransomware access.

Visit the U.S. Computer Emergency Readiness Team  website for additional information on how to protect your business from ransomware attacks. https://www.us-cert.gov/

Other resources

  • Reporting Federal Bureau of Investigation Cyber Task Forces

www.fbi.gov/contact-us/field

  • Internet Crime Complaint Center

www.ic3.gov

  • United States Secret Service Electronic Crimes Task Force

www.secretservice.gov/investigation/#field

references

*https://www.justice.gov/criminal-ccips/file/872771/download

**https://securelist.com/ksn-report-ransomware-in-2016-2017/78824/

Contact us

Leave Comment