Ransomware has been around since the late 1980s, but the number of attacks is on the rise thanks to the growing popularity of bitcoin (essentially the digital currency of the internet) and improved encryption software. Attacks are usually the same: a virus makes its way onto your computer through something as simple as opening an email attachment or clicking a website link, and then suddenly all of your files are scrambled or corrupt and you are unable to open them. You then receive a message from hackers demanding some form of bitcoin payment to have them restored. In other words, hackers hold your files hostage and demand a ransom to get them back; hence the name, “ransomware.”
Once considered a consumer problem, ransomware now also hits larger computer networks at hospitals, universities and businesses, which has made it a far more serious and costly threat. According to the U.S. Department of Justice, ransomware attacks have quadrupled over the last year, averaging 4,000 a day. Typical ransomware payments range from $500 to $1,000, but some hackers have demanded as much as $30,000. Hollywood Presbyterian Medical Center in Los Angeles paid nearly $17,000 to unlock files in February following an attack that crippled a large portion of the hospital’s computer systems.
The Federal Bureau of Investigation said ransomware attacks cost victims roughly $209 million in the first quarter of this year, including incurred costs such as lost productivity and staff time to recover files. This works out to an average of about $333,000 per incident based on the number of reported attacks it received. The total is up dramatically from only $24 million for all of 2015, which comes out to only $10,000 per incident.
Unfortunately, ransomware is relatively simple for hackers. The virus usually comes disguised as an email attachment or website link. Once clicked, the virus is installed and begins to encrypt files, often targeting Microsoft Office documents. A message is then displayed with recovery instructions. Many ransomware attacks exploit known bugs in software and attackers depend on people not installing updates. Criminals tend to find ransomware easier and more profitable than other scams, such as breaking into consumers’ computers and stealing money via online banking.
Another factor is the increasing use and stability of bitcoin, which is now the preferred payment method of most ransomware infections because it allows users to send and receive money from anywhere in the world, often anonymously.
So what can you do to ensure your business doesn’t become a target of a ransomware attack? Here are five things to help prevent your business data from being held hostage.
Educate Yourself
It is important to stay up to date on what cyber threats, ransomware or others, are currently out there. Learn about the different types of attacks happening and identify whether or not your business is vulnerable.
Have an Email Spam Filtering Program
Since the most common way for your systems to get infected by ransomware is through email, it is important to have a good spam filter on your email program. This can help isolate potential threats before they reach your inbox.
Never Open an Email You Don’t Trust
If you receive an email from an unknown source, especially one with an attachment, it is important not to open it, even if the email comes with an enticing subject line such as “SIGNED ORDER ATTACHED” or “CUSTOMER PURCHASE ORDER.” If something appears to be “off” with the email, it is best to err on the side of caution.
Educate and Train Your Employees
Just as you educate yourself, educate your employees as well. Train them never to open emails from unknown sources or click their attachments, and to bring any suspicious emails to your attention and the attention of your IT department.
Have a Business Continuity Plan
Business Continuity combines traditional data backups with cloud computing. By keeping your data stored locally and offsite, Business Continuity allows for a quick recovery of files and cloud access of servers. This minimizes downtime and costs if an attack does occur.
When it comes to ransomware, the best defense is a good offense. Preventing an attack from happening is really the best way to keep your business data safe and secure. But being prepared in case an attack does strike, by having a Business Continuity plan in place, will keep your business running smoothly without costing you time and money.