Working for a Managed IT Services Provider (MSP) as a technology professional, I know the importance of security, and the many facets of it. Working for an MSP we take a proactive approach to protecting our clients, however, it is important to be accountable as a company. To that end, you probably have a strong firewall, anti-virus/anti-spam/anti-spyware software, password protection and maybe even encryption. Making security a top priority is important, not only to your company but to your customers/clients as well.
What about hackers?
There are a select number of people/groups out there that make it their mission to “beat the system.” These cyber criminals are actively looking for new ways to bypass protected data to obtain “sensitive” information. Some do it for a living, some to make a profit or steal identities and some to simply wreak havoc. Regardless of their goal, they are a threat and your company and employees must have an understanding of what is out there. The latest form of malware is called Ransomware. If it has not affected you or you haven’t even heard of it, you’ll definitely want to find ways to steer clear of it.
What is Ransomware?
The simplest definition would be that it is a form of malware that has the ability to take over your systems and files. When it hits, it will lock everything down. Once it’s locked down, the cyber criminals will demand payment in an untraceable currency, such as Bitcoin. The demand usually has a time frame in which you need to pay, say 24 hours.
The demand can come in a number of forms, with some being more direct than others. A message may pop up on your computer stating that your computer has been infected by Ransomware and you must pay to retrieve it. It can also be more elaborate, such as a fabricated story about the FBI’s sudden interest in you and the “illegal files” that you downloaded and if you pay a fine, the FBI will miraculously call off the search and you will no longer face jail time.
Whatever the case, hackers will ask for a fine that is unique to your business. The bigger you are, the more you are going to pay.
In a recent “Reuters” article it was reported that victims of Ransomware paid out roughly $24 million in 2015 and is expected to grow – dramatically – in 2016 ($209 million reported in the first 3 months of 2016). In fact, we have already seen some that have had an impact on hospitals – a new favorite target for criminals. According to “Digital Trends,” hackers hit a Los Angeles Hospital with Ransomware and demanded $3.4 million from them to restore access to their systems, and this does not include the cost of downtime. Their systems were reportedly down for more than a week following the attack. Eventually that number was reduced to $17,000, which was quickly paid by the President of the medical center.
There are multiple forms of Ransomware, with the most recent form known as “Locky.” The name is catchy but the impact is significant. It invades your systems and renames all of your files to include the extension – .locky. It not only renames, but also scrambles them and only the cyber criminals have the decryption key. Naturally, you can buy the decryption key from them, but please note that the prices will vary. Locky’s main route is through spam email campaigns, many of which are disguised as invoices. Word documents containing malicious macros are attached and if you run it, it will install the .locky extension.
The Top Five Ways to Protect Yourself from Ransomware
Backup, Backup, Backup – I Can’t Stress This Enough!
It is vital to have a Backup and Disaster Recovery (BDR) solution that takes images of your server, to avoid paying the fines. The ability to restore your data timely, is key to maintaining profitability and limiting downtime. For a business, you should try to have your data backed up offsite. This may include a direct backup to the cloud or a local backup that replicates to the cloud.
Don’t Click, if you Don’t Know
Don’t click on any emails from people that you don’t know – period. If you do so and there is an attachment, the last thing you want to do is download it. Business owners, C-level Executives, Senior Management, etc., must be aware of the threats that can be detrimental to their business/company. From there that information must be disseminated to all employees. The security measures that businesses take, mentioned in paragraph one of this blog, can be null and void if an employees’ curiosity is piqued.
Hackers are creative. If you choose to believe that the forces of our local government are focused on you, and what you download on your computer, it might make your feel “important,” for a moment. The reality is, they are just looking to lock down your systems and make you pay. Contact your Managed IT Services Provider, to learn more about best practices regarding Ransomware.
Don’t Pay the Piper
If you are infected, don’t try to resolve the problem on your own so that your company and the powers that be don’t find out. They are in your network, you paid once, are you willing to pay again? You don’t know what data has been encrypted or what security risks your company must face. Do not pay up or interact with the hackers in any capacity. If you have a business continuity plan in place, follow the protocol. If not, alert your direct report and if you don’t have an IT professional on staff, engage with an MSP or technology professional immediately.
Patching is vital to the security of your systems. Malware doesn’t just come in via email campaigns. It anxiously looks for security gaps/bugs in your systems and popular applications, including your browser. Make sure that all updates are applied to your network and operating systems to ensure that the vulnerabilities are limited. The harder a system is to penetrate, the quicker they move on.
Don’t Subscribe to “Ignorance is Bliss”
Staying on top of current trends in the technology industry may not be at the top of your list. However, if you don’t work with a Managed IT Services Provider (MSP), you must make an effort. You can no longer subscribe to “that would never happen to me” or “my company is too small, why would a hacker be interested.” Everyone is fair game. Following best practices as it relates to security is critical. This includes the security of your infrastructure, establishing employee protocol as it relates to employees, installing a Backup and Disaster Recovery Solution combined with a Business Continuity plan and keeping your software up to date, as mentioned above.
Not sure where to start? Contact your Managed IT Services Provider or reach out to The TNS Group for more information. Through our Managed IT Security Solution, we will provide the front-line defense and planning that you need to keep your data, company and employees protected.
By: Chris Carlson, Client Services, The TNS Group