Cybersecurity thought leaders have dubbed 2016 as The Year of Ransomware. The United States Federal Bureau of Investigation tells us that for 2017 ransomware activity will remain high and losses will likely top $1 billion for the second year in a row.
Ransomware is a way of monetizing hacking. Ransomware began as an attack on personal computers operated by home users. Using phishing tactics, cyber criminals attacked personal computers and locked owners out or froze their machines. The owner makes a payment of around $50 to $100 dollars to have their system restored. It didn’t take long for computer criminals to discover that businesses were a more lucrative target than folks wanting their personal computers unlocked. Companies need their data live 24/7 to keep their sales going – so, where an individual computer user may give a ransomware criminal fifty dollars, businesses may give many times that amount – or tens of thousands of dollars.
Ransomware depends upon the actions of a person at the target company. The ransomware virus is attached to an ordinary looking email. But, once clicked on, the user is asked to download something – a white paper, free program or another item. Once the download is ordered, the ransomware is downloaded and begins to attack. A pop-up appears that tells you that you are a victim of ransomware and your data is locked. Instructions are included as to how to make a payment and have the company system unlocked, or its data unfroze. This type of attack is highly organized, and the target is actively pursued.
Another way of being attacked by ransomware is to visit an infected site and downloading from it. For example, a site is visited as part of research your company is performing. The site is infected with ransomware, and whenever the site is visited, and a click is forthcoming from a searcher, the ransomware is downloaded.
Regardless of the manner of infection, notification is usually the same – a message appears on the newly infected computer along with instructions on how to pay the ransom and how much the ransom is.
Ransomware attacks are disruptive, and many companies choose to pay the ransom as restoring everything from backup may take too long and not be complete with recent data that is unprocessed being lost forever. All most ransomware bad actors want is financial gain. So, they usually return the system once the ransom is paid. But, if personal identifying information (PII), personal financial information (PFI), or Personal Health Information is information included in the ransomware breach, attacked companies can be subject to fines from the Federal Trade Commission or the Office of Civil Rights for Medicare & Medicaid or by the Consumer Protection Financial Board.
Estimates are that when breaches occur, it costs upwards of $200 per record to repair the breach – massive breaches can cost hundreds of thousands of dollars or even millions to fix. But, additional costs still face companies as various agencies having authority for compliance with privacy protocols can impose fines starting at $100 per breached record. Penalties for HIPAA violations have recently come in at multi-million dollar levels – fines this high usually follow warnings about previous violations.
Employee education is the best way to protect your company from ransomware attacks. Employees must be instructed never to open an email or email attachment from unknown parties. Also, staff should be taught not to download items from unknown web pages. Needed information found online should be verified by the source and only opened when the validity of a link is confirmed.
Data and program backups can mitigate the operations discordance stemming from ransomware but are ineffective in protecting personal data.
XSTRA Group is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at 1300 555 920 or send us an email at firstname.lastname@example.org for more details.