RANSOMWARE

Hackers have declared war on your data.
Find out what Ransomware is and how you can win the battle.

What is Ransomware?

Ransomware is a variety of malware that holds files or systems hostage until a payment is made, usually by encrypting files or marking them for permanent deletion. Attacks occur randomly and without warning, often with a clear ransom demand displayed through computer screens; a ransom amount that increases as time passes.

Ransomware attacks have hit epidemic proportions, especially in small-to-medium sized business with limited in-house IT support. Why an epidemic? Because businesses typically do pay to get their data back.

Being a commercial proposition, rather than teens working out of basements aiming to cause headaches, ransomware is now an organized business designed and executed to maximize profit. There are entire ransomware outfits working out of office buildings and raking in millions of dollars every year. The low overhead, high profits, and endless supply of new companies specializing in making the most stealthy and disruptive piece of malware.

Ransomware usually gains access to computers or networks through social engineering. A hacker sends an email posing as someone trustworthy and prompts an employee to download a file. Though that file might be described in innocent terms, it is in fact a malicious program that spreads through that employee’s computer, as well as any company networks that computer is connected to, and starts encrypting vital files. When the encryption is complete, the files are effectively useless. For most companies, this can effectively equate to downtime. The clock is ticking.

Ransomware netted over $325 million in 2015, and has already made over $200 million in the first half of 2016.

Should I Worry About Ransomware?

Ransomware is the biggest story in cybersecurity today. And for good reason. Though it first gained prominence in 2013, ransomware is going through a renaissance, quickly evolving into an epidemic of unprecedented size and scope.

In the past, most ransomware infections targeted personal computers for digestible amounts of money. But today’s attacks are increasingly aimed at businesses and other organizations, leading to demands for thousands of dollars in ransom payments. Hollywood Presbyterian Medical Center paid a $17,000 ransom in February, and the University of Calgary paid $16,000 dollars in June. Kansas Heart Hospital paid a “small” undisclosed ransom in May, received access to some files, and was then hit with a demand for another ransom to unlock the rest.

Large businesses and organizations aren’t the only ones being targeted. Write-ups in the Wall Street Journal and New York Times have detailed cases of small businesses having their files held hostage too.

According to the FBI, there were 2,453 complaints about ransomware in 2015. Those complaints cost victims more than $24 million.

Some forms of ransomware don’t stop at encryption. They also threaten to publish sensitive information online if the payment is not made.

Some of the most attacked industries include healthcare, state and local governments, SMBs and large businesses.

How Can I Defend My Business Against Ransomware?

Despite the constant stream of news about ransomware attacks, an effective layered defense strategy does exist.

The first layer of a proper ransomware defense is education. The simplest way to avoid ransomware infection is to learn how to identify the attachments they use to sneak into systems. Avoiding bad attachments and shrouded links goes a long way. Unfortunately, “at least one employee will click on anything” is a common, and too often true, saying in network security. Education on its own is not enough.

Antivirus software is the second layer of a sound defense. Quality antivirus protection can stop thousands of attack attempts per day. When that one employee does click on the wrong link or download the wrong attachment, antivirus will often save a system from full-blown infection. However, new strains of ransomware are always being created many times a day, so eventually, the probability that one infection will succeed is high.

Employing a data protection solution provides the ultimate failsafe in a layered defense strategy against ransomware. A data protection solution will automatically and invisibly take snapshots of your data and systems at regular intervals, and store that data in a secure location. Should ransomware successful penetrate your layered defenses, you can simply ‘turn back the clock’ to a snapshot of your business before the attack happened. No ransom, no clock, no problem.

Stop Ransomware with Partners Plus

Partners Plus’s Total Data Protection Platform is currently protecting tens of thousands of business worldwide from ransom attacks, and other unforeseen situations that can adversely affect your business. Our SIRIS and ALTO products cater to businesses of all sizes from small outfits to enterprises by storing system and data snapshots locally and in the cloud for near-instant restoring of business services should an unanticipated event occur.