One day you turn on your computer expecting to work on your emails and instead you’re greeted with a big red image demanding dollars payable to an unknown party in the next twenty-four hours or everything on your hard drive will be erased and gone forever. Welcome to the latest, “hottest” way for cybercriminals to pick your pocket – ransomware! But what is ransomeware, and what can be done to protect against it?

A Brief History of Ransomware

As security professionals and software vendors have made headway in combatting global malware campaigns, hackers have been stimulated to come up with more inventive ways of maintaining their revenue streams without relying on run-of-the-mill frauds using credit cards.

So, new viruses were born with names like Cryptolocker, Cryptowall, and, more recently, TeslaCrypt, all members of a family of infections known as ransomware. The earliest known version of ransomware, CryptoLocker, first appeared on the scene towards the end of 2013 and hit so hard that it sent the Internet world reeling.

Suddenly a flood of users was reporting that a new kind of virus had locked down their hard drives, and their critical data was being held to ransom. Because of its unknown nature, ransomware was able to infect tens of thousands of computers in a matter of days. What made matters worse was that the cybercriminals received encouragement from desperate users who paid the ransom to get CryptoLocker removed from their computers.

Unlike “conventional” malware that installs backdoors, keyloggers, or trojans on a computer, with the expectation that a user will eventually provide details of a credit card or other personal information, CryptoLocker and its variants create simpler and more reliable ways to maintain revenue streams. Initially ransom amounts varied wildly – from $25 to $600, usually always paid in Bitcoins, or forwarded via MoneyGram to untraceable prepaid cards in Eastern European nations. Recently, the criminals have become bolder by, for example, attacking hospitals – a Los Angeles hospital recently paid them off to the tune of $17,000.

Ransomware Went Mobile

Ransomware soon spread to mobile security firms and mobile phone owners by migrating to selected hardware devices running Google’s Android operating system, and even a few devices in the iOS ecosystem. Fortunately, phones and tablets with Android or iOS automatically back up vital data to the cloud each time the devices are plugged in for recharging, so the damage was significantly less pronounced than what was being seen on PCs.

Two Simple Solutions

1. Contact an antivirus vendor: If you get infected, an antivirus vendor may have a fix for your specific type of ransomware. What was once an undefeatable wild animal has since been tamed into a much more manageable threat, and many antivirus fixes are available that can be downloaded to a USB stick to plug in when the ransom screen appears. That said, criminal innovation is not stopping, and new types of ransomware are being developed daily making it difficult for antivirus vendors to stay on top of the problem.

2. Back up everything: Ransomware exploits people’s reluctance to back up their data onto a hard drive that is completely separate from their main PC or network. By backing up your files to an air-gapped external hard drive each day, you circumvent the rationale that allows ransomware to get you to pay up in the first place. Alternatively, you can use a cloud storage solution or backup service to provide the same level of protection.

Conclusion

When ransomware first struck, it sent a tsunami wave through the security industry and affected tens of thousands of computers. Since then, out of necessity, the IT world has adapted. If you have concerns about the safety of your computer network, please let us show you how we can help you to avoid being ransomed.

 

Cyber threats are usually blamed on malicious outsiders – hackers trying to steal confidential customer or client information, corporate intelligence, or financial data. However, the ignorance or unintentional negligence of a business’s employees sometimes opens the door and invites these cyber criminals in. To prevent this careless behavior, there is a need to educate employees on their responsibility to help prevent a cyber security breach. Therefore, with respect to your business, don’t wait to react until a cyber problem occurs; instead, make the assumption that security may well be compromised at some point in time, and help your personnel learn how to assist in ensuring the safety of your company. Here are some practical steps you can take to raise the level of security awareness inside your organization.

Hold Discussions With Your Employees

It’s not enough to just have your employees read and sign a document delineating your company’s IT policies. You also need to talk to them about the possibility of a cyber event and emphasize the negative impact this will have on your business. Make your employees feel involved by explaining their obligations to the company in this regard.

Include Top Management

It’s vital not to exclude executives and top management personnel in your network security education. Traveling executives availing themselves of free hotel Wi-Fi without encryption can be targets of cyber “pirates.” Consider that potential damage to your company and financial rewards to the perpetrators can be much greater if top level management is involved.

Conduct Regular Training Sessions

All new employees should receive mandatory training in cyber security, and everyone should have regular refresher courses. Don’t wait until a problem has occurred before putting your training program in place. Formulate specific rules concerning file transfers, e-mails, application downloads, Web browsing, mobile devices and social networks. Explain to employees how to recognize suspicious looking links from unknown sources and contacts from individuals pretending to be co-workers and asking seemingly innocuous questions – what these persons are really up to is attempting to gather information about your company and its operations. To lighten the mood, you could quiz your attendees to test how much they have learned – make this fun and relevant, and give rewards for good performance.

Encourage Feedback

You want your employees to feel free to complain if they find some requirements too irksome to comply with. For example, if you make it a rule that everyone has to change their passwords once a week, be aware that they will resort to less secure procedures such as typing them into on-line documents or writing them on post-it notes stuck to their computer monitors.

Don’t Be Discouraging

Never appear irritated towards an employee who raises a red flag, even if it turns out to be a false alarm. This will make the individual hesitant to speak up the next time when the problem might be real. If too many false alarms are being reported, think about revising your training procedures.

Be Prompt and Transparent

If a network security incident occurs, communicate this to your workforce as quickly as possible. Any delay can make the situation worse, increasing the adverse impact on your company.

Put Procedures in Place

Formulate step-by-step instructions on how employees should react if they believe they have encountered a security problem. Another plan should provide strategies for internal communications and public relations to provide an efficient and calm response to a cyber security attack.

Conclusion

It’s absolutely necessary to take steps to protect your business against malware and cyber crime. However, you don’t have to do it alone. Our expertise can assist you with all aspects of network security risks from inside and outside sources. Talk to us and we will be happy to provide information on this and all of our IT services.

 

Information technology (IT) has transformed the business world by enabling data to be processed quickly and efficiently. Computer systems, laptops and mobile devices are in every office and home. E-mail and VOIP (Voice Over Internet Protocol) telephone systems are primary forms of communication. All types of data (including orders and payments) are transferred from one business to another via Electronic Data Interchange (EDI). Servers process enormous volumes of information and store vast quantities of critical data. However, disaster can strike in a nanosecond and all this technology stops working. This is why local IT support is so important.

A computer network crash is not just a temporary inconvenience. The inaccessibility, or worse the complete loss, of critical data has a huge negative impact on the continued operation and even the viability of the affected business. The adverse effects of data loss or corruption from hardware failure, hacking, malware, or simple human error are huge. Information Week magazine reports that computer downtime costs US businesses $26.5 billion per year. A report from Pepperdine University indicates that companies suffering a network failure lasting over ten days never completely get back on their feet financially, and roughly half of them will fail within five years. Therefore, it’s vital for every business to have a plan to backup and restore digital information.

Does Your Organization Have a Recovery Plan in Place?

If it does, that’s obviously a good thing, but then the question is, is the plan adequate? The following are some recommended steps to set up or enhance a disaster recovery plan.

• Look at your current plan (if there is one) and make an assessment of the level of protection it provides. Is this level high enough?
• Determine how long your business can reasonably afford to have its computer network be down.
• Assess how much data your business can afford to lose.
• Review your current backup system and determine whether it needs improvement.
• Make a list of all your system’s crucial components – servers, other kinds of hardware, and software applications.
• Document the processes needed to bring your server(s) back online.
• Take a look at your IT staff. Do they possess the necessary expertise to cope with an unpredictable disaster? If you have a contract with a local IT support firm, how quickly can their personnel be on your premises?
• If you have on-site servers, review the control room environment. Is it sufficiently secure, does it have a backup power supply and effective climate control?

The Importance of Testing

There are several excuses you can come up with for not testing a recovery program on a regular basis – no funds in the budget, not enough time, workflow interruptions, etc., etc. However, if you don’t test your plan, you have no idea if it’s even going to work. You certainly don’t want to wait until disaster strikes to discover its flaws. So, run a test of your recovery system and find out how well it works (or doesn’t work) as soon as possible.

Virtual or Physical Servers?

Does it help to have both physical and virtual servers (which is usual these days)? The answer is not really – deletion of data on virtual servers occurs just as often as on the physical kind. And, keep in mind that physical servers usually run your firm’s most critical applications, such as those processing payroll data.

Help is Available

If creating and testing a disaster recovery plan seems a little overwhelming, or you don’t have the personnel or expertise to effectively handle the project, please contact us. With ………………….. local IT support you can stop being concerned about network crashes and loss of data. We will make sure that you only have to cope with the absolute minimum of downtime and are back up and operational again as quickly as possible.