As we rang in the new decade, the Emisoft Malware Lab’s 2019 State of Ransomware Report notified us that last year approximately 764 healthcare organizations, 113 state municipalities, and 89 universities were victims of this vicious form of malware. After a ransomware attack, hackers acquire and lock your employees out of their personal data. These staggering numbers and the damage done cause a natural reaction to want to investigate and resolve the problem at hand.
Although there is no way to fully halt these attacks, there are many steps businesses can take on an individual and company-wide basis to combat the ransomware revolution.
Framework IT is a Chicago-based, managed IT service provider (MSP). Framework can help assess your environment, identify your risks, and provide the expert solutions you and your company deserve.
What is Ransomware?
Ransomware is generally defined as malicious applications or code that uses encryption technology to lock down files on a system or network. A decryption key will only be awarded if a ransom is paid in the form of cryptocurrency.
The malware link is generally some type of executable script that gets installed on the users’ hard drive via e-mail attachments, web browsing, or even an affected flash drive brought from a home computer. This software usually causes immediately encryption, but it can also lay dormant and go unnoticed for long periods until they are triggered by specific events such as a time and date or opening a specific program.
In many instances, ransoms are seen with very low expectations. Some ransoms are seen for as low as $800, but more often than not they are in the thousands. Famously, the entire city of Baltimore recently was attacked with a ransom demand of over $76,000.
Who is Affected by Ransomware?
As for a typical victim, a common denominator is yet to be found. Many are being affected: from large corporations, home-grown operations, entire cities, and healthcare institutions.
A common tactic among this community of ransomware hackers is social engineering – or manipulating people into breaking security procedures and best practices.
This is a common occurrence within popular business networking platforms. Hackers will research the connections of C-level executives, see who they are interacting the most with, and continue to further their strategy from there.
For example, the CFO of a company receives an email with an attachment from someone he recently connected with on LinkedIn. The email address was one letter off of the true sender’s actual name, and the CFO wasn’t aware of the discrepancy. The email included what appeared to be legitimate logos, so they clicked on the attachment which unfortunately contained ransomware.
Three Long-Term Consequences of a Ransomware Attack
We’ve discussed the money associated with a ransomware attack, but the consequences of ransomware attacks are not all necessarily monetary.The common impact of a ransomware attack leads back to the loss of customers.
The most obvious consequences are the financial repercussions. During the aforementioned ransomware attack on Baltimore, the city ended up paying over six–million and counting in damages to clean up the entire situation.
It is highly recommended that large corporations and municipalities acquire insurance for these situations. During the same timeline of the Baltimore attack, a Florida city was held at ransom for $460,000. Fortunately, they were insured with only a $10,000 deductible. In this case, the recovery efforts would have been far more than just paying the ransom, as it was believed it would exceed the one-million in coverage that they held.
The FBI no longer recommends paying the ransom, as this encourages other hackers to attempt an attack. If the effort goes so far that legal action is taken, attorneys will recommend cyber forensics get involved to possibly unlock data without ransom.
The average downtime depends on what the company already has in terms of defenses and backup. With the use of security suites and backup solutions downtime can be minimal, and if they are caught in time, a simple “flip a switch” can ensure protection.
If no protections are in place at the time of the attack, many companies can be down for multiple days or even weeks.
hat may possibly be the most famous cyberattack to date, the WannaCry virus attacked the UK medical system causing more than 19,000 appointments to be canceled and 200,000 computers to be locked out. The repercussions of this were valued at nearly 20-million in damages after one week of downtime.
The loss of a reputation may be the most damaging effect of a ransomware attack.
If valuable information is breached or data is lost, your customers will need to be notified – and the hackers are aware of this. According to Trend Micro, some ransoms threaten to delete the user data if the ransom is not paid within ten days.
This can be critical when those among the likes of hospital patients, or others in critical conditions, are affected. The WannaCry attack didn’t just impact appointment scheduling. It also caused surgeries to be canceled which in turn urgently forced patients to other hospitals. Many records were also entirely encrypted, causing over ten-thousand patients to lose crucial medical information.
All of these examples threaten the long-term reputation of a company for the worst. It’s important to educate your employees about ransomware attacks and how they attack individuals and your entire company.
The Best Ransomware Protection is Education
Similar to many important lessons in life – teaching safe practices and providing practical information to its users will assure a secure and positive result.
Security awareness training is very important for a company to employ while onboarding employees. They will be taught the most common warning signs such as recognizing misspellings in emails, not clicking on suspicious links, or downloading unfamiliar files.
There are many valuable sources of information easily and immediately available online for anyone interested in delving deeper.
A multi-step verification process is also highly recommended to be implemented before downloading attachments and other related actions. Many businesses will refuse to enable email verification because they are afraid of bothering their employees. It is not only important to protect the integrity of your information, but also those who are crucial in the process of creating it.
Need Assistance Protecting Your Business from Ransomware?
When asked for the most valuable bit of ransomware information he would give a client, the CIO of Framework IT, Mike Colb said, “Don’t view security and protection as an insurance policy. They help you in the event something has happened monetarily. Train and invest in your employee’s knowledge and protect in your data being protected.” I
It is chronically important that your company is protected from malware. If you’re experiencing a ransomware attack, or simply want to make sure your company is protected from ransomware, Framework can help.