Ransomware: Understand the Threat. Educate Users. Protect Your Organization.
THE THREATNot so long ago, email scams were very popular. In most cases, a “Nigerian Prince” would ask the email recipient to send money or a small investment back to him. This advance-fee con became easily recognizable from the poor grammar and tone of the message. The scam continued for several years because it worked. This particular fraud is now a thing of the past and not many would fall victim today, but scammers and hackers are still on the attack and at a much more sophisticated level. Inconspicuous and malicious software is on the rise and causing problems for organizations around the globe.
A local Minnesota manufacturing company was recently targeted twice in just a matter of days. An employee clicked on a link that was emailed to him from his bank. Or what he thought was his bank. The email looked professionally written, had his correct contact information, had the bank’s contact information, the bank’s logo, and their mission statement.
Moments later the dreaded pop-up appeared:
This employee fell victim to Ransomware. The email link sent from his “bank” initiated a program that encrypted all of his computer files. In addition, his locked screen message implied he had clicked on something illegal or unethical, neither of which was the case. He had two options: pay the ransom or restore his files from backup. Download a Disaster Recovery Guide to learn how to protect your organization.
Their initial reaction was the quick fix. Pay the ransom to make it go away. But could they trust a criminal to help? Perhaps...Maybe? The answer is too uncertain so, paying the ransom was not a recommended option.
Their best option was to restore files from their backup.
A few days later, this same scenario happened to yet another employee at the company. Luckily their system was restored from a backup created just one hour earlier. Other than a little embarrassment and minimal down time, they didn’t lose any files and were back on track in no time.
Criminals are getting more and more sophisticated and ransomware attacks will, without a doubt, continue. The good news is you can protect your organization and take preventative measures against Ransomware by implementing a Managed Services program.
A MANAGED SERVICES PROGRAM PROVIDES REACTIVE AND PROACTIVE SERVICES, as well as strategic planning.
Reactive services assist when a user is most in need; proactive tools implement best practices to improve security, and strategic planning propels your business forward.
Security measures that can be put in place for an in-depth defense strategy to reduce the chance of ransomware include:
- Limiting user access to required network areas.
- Configured systems specific to user requirements. If users don’t need to change applications the system can be locked down to avoid unintended programs from running.
- DNS Filtering to block certain websites by category, block malware and protect from botnet.
- Anti-virus and malware filtering of email and data.
- Email filtering to block unknown or suspicious emails before they are received.
- Firewall Management with Unified Threat Management to review every packet of information that enters your organization.
- Managed Backup and Business Continuity configured to your organization’s needs. A business continuity platform can serve as a temporary host for servers, either in the cloud, or on site if needed.
Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid and widely used in email or email attachements among other platforms. This type of cyber attack has existed for years but drastically spiked in 2015. The FBI expects attacks to continue an upward trend and become more sophisticated; focusing on corporations rather than individuals. In 2015, over 230 healthcare breaches compromised the records of 500+ individuals, according to data from the U.S. Department of Health and Human Services Office for Civil Rights. An attack against Hollywood Presbyterian Medical Center, in southern California, left computer systems locked and unaccessable. The staff was unable to communicate electronically for 10 days and ultimately the hospital paid a $17,000 ransom in bitcoin to the cybercriminals.
Want to learn more about how to protect your organization from cyber attacks?
Read another Loffler blog about CyberSecurity : Do You Know Your Cyber Security Score?
Phil is an Account Executive with Loffler. His goal is to match technology with his client’s business objectives. Phil has been with Loffler since 2016 and in the IT industry for over 30 years, since the introduction of Windows 1.0. He was a Partner at Clear North Technologies prior to being acquired by Loffler. Previous to that Phil was a VP at GE IT Solutions chartered with building out their national Microsoft delivery practice. Phil is an avid downhill skier, golfer and loves to drive his car in circles on the track.