Ransomware is Malware that Holds Websites & Data Hostage, Literally.
It’s real, it’s out there, and you need to protect your business from digital kidnapping!
Digital kidnapping is becoming more and more common in the cybersecurity realm. It’s a real threat that you need to seriously consider, no matter how large or small your business.
What is Ransomware?
Ransomware is a type of malicious software, commonly known as malware. It will block all access to a website, device or database until a ransom is paid. It is literally digital kidnapping.
It is delivered in the same way as other malware, typically through email with malicious files or documents attached, compromised websites, and vulnerabilities in software that you use regularly.
It encrypts your files so you cannot access them without the code from the ransomware creator.
“The criminals behind these attacks are continually evolving their tactics to allow them to continue down this lucrative path. They are primarily holding the data ransom and do not appear to be stealing the data for their own use, but that trend could change,” says Kathleen Martin, author of the original post, Don’t Let Your Business be Digitally Kidnapped, which appears in full on the Manufacturing Innovation Blog published on January 19, 2017. Read the full article here.
If your website or other public technology is the lifeline of your business, you need the right cybersecurity to prevent an attack. You also need to know the right steps to fix it if it happens to you.
How Widespread is Digital Kidnapping?
A report issued in December 2016 states that instances of digital kidnapping with ransomware increased threefold in 2016.
It is estimated that ransomware cost businesses $209M in the first half of 2016 alone. This figure is expected to increase to $1B when end-of-year reports are released.
That’s a lot of money in ransom. And it doesn’t account for lost productivity, sales, intellectual property or other sensitive information at risk, such as bank information and customer payment data.
IBM Security announced results from a study that found “70 percent of businesses infected with ransomware have paid ransom to regain access to business data and systems,” with half of those paying over $10,000 and 20 percent paying over $40,000. Read the study.
For businesses that pay the ransom, there’s no guarantee that you’ll get your files back to begin with. Even if you do, the data has still been compromised and is likely copied and still in the hands of your kidnappers. Who knows what they may do with it, even once they have your money?
The Best Defense is a Good Offense
There are ways to protect your business against being digitally kidnapped!
Businesses should consider cybersecurity risks as part of their overall risk assessment. Have a strategy to prevent an attack, and to respond to one if needed. Focusing on the core components of your business, those that drive sales and productivity, is a great place to start.
- Prioritize business processes and users that handle critical information
- Secure all networks
- Back up critical business data regularly
- Ensure the security of emails and browsers
- Secure operating systems and all programs
- Provide user awareness training to employees
- Create, maintain and test your response plan
What to do if You’ve Been Digitally Kidnapped
First, you should contact the FBI Internet Crime Complaint Center.
You may be able to recover your files using the “No More Ransom” website. It is a partnership between several groups in Europe who work to help victims of ransomware retrieve their files without paying a ransom. They can help decrypt the files and even offer decryption tools you can use yourself.
It’s much easier to prevent an attack than to remedy one!