Ransomware is something that keeps IT directors and cybersecurity professionals awake at night, but many people have no idea what it is or how it could drastically affect their lives. The simple explanation is that ransomware is a software virus used to take over a company’s database until that company pays a ransom. The actual attacks are much more complex and sophisticated, and they are growing because of how successful they are.
The first attacks were primarily focused on private companies, as they would often pay the ransom quickly to avoid bad publicity and the loss of customers’ faith. Most public companies’ security systems have become far more advanced and they employ large IT departments, making it much more difficult or nearly impossible to attack them. The focus of attacks has shifted within the last six years towards small businesses and local governments, as they normally do not have the resources to protect themselves the way large corporations do.
Ransomware attacks on businesses
If you own a small business, you might find yourself a target for these types of attacks and need to remain vigilant. Whether or not you employ an internal IT department, here are some tips to keep your business safe from ransomware.
- The first step to countering an attack is to have a backup system in place, like a cloud service. This is imperative to protect sensitive client and business information and to continue operating while the virus is being removed. There are lots of places to back up your computer data, such as dropbox.com, box.com, Microsoft 365 OneDrive, IDrive, Backblaze and many others. Do your homework before investing in any of these!
- Make sure you’re installing the latest computer and program updates and do not give out administrative privileges to any program that you aren’t certain is completely secure.
- If you have Windows 10 and you get infected with ransomware, try rebooting your machine into safe mode, installing anti-malware software and attempting to destroy the ransomware program. Once complete, restore the computer to a previous state. This technique can put your machine back in working order; however, it can’t decrypt your files. This is why we recommend frequent backups stored in a secure place that malware cannot access.
- If the attack has already happened and you do not have data backed up, there are services that can assist in recovering as much data as possible as well as IT firms that will help in removing the virus. A call to the local FBI branch and your service provider is crucial to stop further attacks but at this point, it won’t help ease the pain of the final part – contacting the affected individuals.
- Reaching out to your personal contacts and/or clients (if you own a small business) to let them know your company has been breached is a critical step in the recovery process. We feel that any credibility you believe your company will suffer due to a ransomware attack is far less than the potential backlash you may face if you do not alert everyone affected. Honesty about the cyber hack will help you remain trustworthy to those in your network and allow them to be diligent in protecting against a personal attack.
- How about paying the ransom? It is believed that nearly two-thirds of all businesses and people hit with ransomware pay the fee to regain control of their computer files. Before doing anything, be certain the cyberattack isn’t actually just “scareware”, which is a false ransomware attack. So, if you feel the ransom is credible, and you decide to pay the requested fee (likely made in bitcoins), keep in mind you might not get all your files back. About 30% to 35% of the time, hackers take the money and go, leaving your files perpetually encrypted and inaccessible.
It’s a dangerous cyber world we are living in these days. Stay tuned for more updates and recommendations as we continually work to try to keep you, your finances and your computer files safe!