Protect Your Business and Data from "Ransomware"
In 2014, consumers were subjected to security breach after security breach as major retailers and service providers disclosed that they had involuntarily shared your personal data. While this is an extremely dangerous trend, the majority affected could move on with only being inconvenienced. However, over the past few years, a new form of digital extortion has arisen that has damaged unprepared small businesses—Ransomware.
Ransomware is state of the art extortion that combines: Your Data, Bitcoin, Software Insecurity, Cryptography, Phishing Attacks, and Organized Crime. Ask yourself, would your business survive if you lost 100% of your data and backups? Could you afford a $1,000.00 to $100,000.00 ransom? Likely law enforcement will not be able to help.
How Ransomware Works
At its core, ransomware is a program that restricts access to your data in exchange for money. The current generation attacks your network like any other computer virus or malware, but instead of trying to sell you something, or purely be destructive, it targets the files on your computer and encodes them using strong encryption that would take upwards of hundreds of years to break. Once it completes the job, your files are completely unreadable, but the operators will sell you the code to open your files once funds are transferred to their bank account or Bitcoin wallet.
Smarter ransomware will continue to target devices on your network and your backups, then spread to other devices, workstations, and servers. Versions of CryptoLocker specifically deleted Shadow Copy backups. While we have not seen the current generation jump to "cloud" applications, expect it as the software becomes more advanced. What if a keylogger grabbed your cloud app password, and you had 5 minutes to send money or your account would be cleared?
You could say: "No one is interested in my data, this wouldn't affect me, I wouldn't be a target." You may be right, your data may only by valuable to you, but that is the point, and everyone is targeted because it is so easy to do so. Even if a minute number of businesses pay, this is incredibly profitable.
The purpose of this article is not to fear-monger, but to make our associates and clients aware of the issue as it becomes more common.
How Do you Protect Yourself?
The same way you protect against other viruses and scams, but additionally, operate like you expect to be infected. Regular automatic daily backups are not enough, since if you are not fast enough they will be overwritten with bad data. Since accessible backups may also be infected, you need "versioned" backups, "detached" from your computer, not just copied onto another drive.
Information security is a vital aspect of your business, and thus concerns us as your consultants. For clients that would like tailored suggestions for this issue, or if have other questions about protecting their business, assets, or privacy, please contact our office.
For More General Tips: https://www.google.com/search?q=how+to+protect+against+computer+viruses