When was the last time you made a backup of all your data? How often do you make incremental backups? Do you keep these backups on a separate storage device and disconnected (or firewalled away from) the rest of your network?
“Say, why do you ask?”
The primary reason I’m asking right now is that ransomware occurrences are growing rapidly; over 700% from last year. Three of the best ways you can help defend against it are:
1) Making backups of all your data and software on a separate storage device that is attached to your network or computer only while backups are being made (during which time you should be offline). Have you done this lately? How often do you back up your critical data? Are your backups of your operating system and applications good and able to work when you need them?
2) Using effective and constantly updated anti-malware tools. When was the last time you updated your anti-malware tools? Do they check for zero-day types of malware? Do they check for signs of ransomware? If they don’t, consider getting an anti-malware tool that does.
3) Not falling victim to phishing attempts. Educate yourself, and your co-workers, friends and family, about ransomware: how to spot it and how to avoid becoming a victim. Show them this article as a start. Provide ongoing reminders, and more formal training as appropriate.
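One way to answer the backup questions in item 1 with a check you can run, as an added example that is not part of the original article: record a SHA-256 manifest when the backup is made, then, while the backup device is attached, confirm that every file is present, unaltered and recent enough. The function names, the manifest layout and the 7-day age limit are assumptions, and demo() uses constructed sample files.

```python
import hashlib
import json
import shutil
import tempfile
import time
from pathlib import Path


def sha256_file(path):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):  # 1 MiB chunks
            digest.update(chunk)
    return digest.hexdigest()


def write_manifest(source, manifest_path, now=None):
    """At backup time: record each file's SHA-256 and the backup timestamp."""
    source = Path(source)
    files = {p.relative_to(source).as_posix(): sha256_file(p)
             for p in sorted(source.rglob("*")) if p.is_file()}
    created = time.time() if now is None else now
    Path(manifest_path).write_text(json.dumps({"created": created, "files": files}))


def verify_backup(backup_root, manifest_path, max_age_days=7.0, now=None):
    """Backup attached: check completeness, integrity, age (max_age_days is assumed)."""
    manifest = json.loads(Path(manifest_path).read_text())
    missing, corrupt = [], []
    for rel, expected in manifest["files"].items():
        copy = Path(backup_root) / rel
        if not copy.is_file():
            missing.append(rel)        # file is not on the backup device
        elif sha256_file(copy) != expected:
            corrupt.append(rel)        # copy differs from what was backed up
    age_days = ((time.time() if now is None else now) - manifest["created"]) / 86400
    return {"missing": missing, "corrupt": corrupt, "stale": age_days > max_age_days}


def demo():  # constructed sample data: back up two files, then damage the copy
    with tempfile.TemporaryDirectory() as tmp:
        src, bak, man = Path(tmp, "data"), Path(tmp, "backup"), Path(tmp, "m.json")
        src.mkdir()
        (src / "invoices.csv").write_text("id,amount\n1,500\n")
        (src / "notes.txt").write_text("constructed sample file\n")
        write_manifest(src, man, now=0)
        shutil.copytree(src, bak)
        (bak / "notes.txt").write_text("overwritten")   # simulate a damaged copy
        (bak / "invoices.csv").unlink()                 # simulate a lost file
        return verify_backup(bak, man, now=10 * 86400)
```

Keep the manifest somewhere other than the folder being backed up, so it is not hashed into itself; a non-empty "missing" or "corrupt" list means the backup would not restore what you expect.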
What is ransomware?
Ransomware is malware crooks use to encrypt your hard drive. They then require you to pay them a ransom to decrypt it. What I’ve typically seen is a requirement to pay them $500 if you pay quickly, or $1000 if you take longer than a few days; after a specific period of time they will delete everything from your hard drive.
How do they load this ransomware on a computer?
Typically the crooks will trick you into clicking a link or downloading a file through a phishing message via email or text. For example, in one that has been effective, they will send you an email stating you’ve been caught by a red light camera or a speeding camera and now need to pay a fine. They then provide a link to a website where they claim you can see the video and tell you that you can pay the fine with your credit card. Such sites often even try to replicate a valid site by requiring you to make a captcha entry. IBM provides a good overview of captcha here if you aren’t familiar with it.
Once you’ve entered any preliminary information, the malware is downloaded to your computer, and your entire computer (this includes smartphones) is encrypted. A message then appears on your screen directing you where to go to pay, typically via a prepaid money card or Bitcoin, for the decryption software to get your computer contents back. The problem is, if you pay the ransom, it is likely there are still links from the crooks to your computer so they can continue to hold you to ransom whenever they want.
Ransomware is also spread through malicious adware (this is called “malvertising”) on legitimate sites, such as Yahoo, AOL and Match.Com, so you really need to be careful what you click even on sites you trust.
Who do they target?
A statement I’ve heard from literally hundreds (if not thousands) of small to midsize businesses, not to mention a large portion of the general public, is: “I’m not large enough for hackers or crooks to target.” This is a dangerous, and completely false, belief. Crooks target ANYONE (businesses of all sizes, cities and other government agencies and individuals) with their digital crimes. Why? Because the more they target, the more victims they’ll get; and with unlimited digital crime paths it is really easy to target literally millions of people and businesses.
How successful have the crooks been?
This has been a particularly lucrative crime in a comparatively short period.
- Malvertising methods make an estimated US$25,000 per day for the attackers.
- Just one type of currently less rampant ransomware, CryptoDefense, made over $34,000 in one month.
As more crooks see how much money their buddies are making, you will see more and more types of ransomware being launched, putting you and your business at risk if you are not on the lookout for the signs of such a crime.
Bottom line for organizations of all sizes…
Every business, no matter how small and in many ways even more so if they are small, needs to be aware of this current and growing criminal activity. Make your co-workers aware, and take the necessary precautions, including making frequent and full backups and using effective anti-malware tools, to keep from becoming a victim.
This post was brought to you by IBM for Midsize Business (http://goo.gl/t3fgW) and opinions are my own.