How to Protect Your Data With Ransomware on the Rise
Ransomware incidents aren’t slowing down anytime soon; attackers are just getting smarter and bolder. Any organization, big or small, can be a target. Last year, hackers launched ransomware attacks on Baltimore, Atlanta, and 80 other cities, costing the municipalities millions of dollars.
A single attack strategically launched on a managed service provider in Texas infected 22 other cities.
This is just one of the bigger ransomware stories from last year, but you don’t have to be a city, or even a large company, to be affected by this. Companies of all sizes are reporting increased ransomware attacks.
The most common delivery system for ransomware is a phishing scam or attachments that are delivered to victims masquerading as a person they know and can trust. Once the recipient downloads the attachment and opens it, it will move to encrypt the user’s file system.
It then presents the user with a message stating that they must pay for the key to decrypt their data. Sometimes the software will claim to find incriminating evidence on the victim’s computer and either demand payment or threaten to send it to authorities.
One reason for the ransomware trend is the increased use of cryptocurrency, the preferred payment method of hackers. With standard payment methods, like a debit or credit card, authorities can trace the payment to the hackers being paid. Cryptocurrency payments are untraceable, though, making holding business data for ransom the perfect crime.
So what can a business held hostage do? The police really can’t do much if they can’t trace the money. The Baltimore hackers asked for $72,000 in bitcoin. The City of Baltimore refused to pay but ended up spending $18.2 million to fix the problem. Very few organizations have that kind of budget available to avoid payment. Business owners usually end up paying the ransom so their business can return to normal. However, they wouldn’t have to deal with ransomware if the threat was mitigated in the first place.
The first step in preventing ransomware attacks is Security Awareness Training or SAT. Your first line of defense against a ransomware attack is a well-trained staff. Once they know how to identify a phishing attack and report it, you won’t have to worry about ransomware attachments; your staff will know not to download them.
Another step is keeping your software up to date and its security holes patched. Ransomware typically targets vulnerabilities found in networks, systems, and software. Regularly scanning your internal network, external network, and applications for security flaws will stop ransomware from infecting your systems.
With a team like Canary Trap in your corner, the hacker out to kidnap your data will look elsewhere for a less-prepared target.