Can Your Business Be Held For Ransom - In Broad Daylight?

An article by: Evan Leonard, President, CHIPS Technology Group

Traditional thinking was that you could install a firewall, require complex passwords, and be safe from cybercrime. Not anymore, because the most vulnerable part of your business and network is your employees. The criminals are getting smarter: they know we are inundated with hundreds of emails and way too much busy work. We have programmed our brains to just click on anything, even if it looks out of place. That type of behavior will shut down your business, and you risk losing clients and money.

The viruses that are unleashed onto your network encrypt the files the user has access to, whether on their local desktop or on your corporate network. The only way to recover these files is to restore from backup, which could take hours or days depending on your software, hardware, process and how much data is involved. Otherwise you may have no choice but to deal with the unpleasant experience of paying a ransom. If you pay the ransom, the criminals will provide you with a private key to decrypt the files. The tricky part of paying the ransom is that you have to pay it in Bitcoin, because criminals want the transaction to be untraceable. Do you know how to get ahold of Bitcoin, and do you know what it is worth? By the way, you had better hurry, as the price increases the longer you take, and the key often has a time bomb. When the time expires, the files are locked forever. This form of payment is cryptocurrency and can take a week or more to fund if you don’t already have some at your disposal.

This happens to businesses almost every day, and in fact happened to a large hospital in Los Angeles just a few weeks ago. The ransom was in the amount of 9,000 bitcoin or almost $3.7 million. The hospital lost access to all its files and didn’t have adequate backups. Patient care was compromised for a week, and new emergency patients had to be routed to other hospitals because the hospital’s systems were down.

The best method of protecting your data is education. The criminals are getting very creative and preying on the naiveté of employees. These emails arrive looking benign, especially when they are not expected. They might have something in the subject or body that makes them look like a legitimate email.

All employees need to understand what they are clicking on, and that can be accomplished through training videos or classes. All companies need to take these attacks more seriously before they become victims. The FBI has been inundated with these types of crimes and is essentially helpless. Most of these attacks are from people living in other countries.

In order to minimize your chances of becoming a victim, there are some additional measures you can take. Some of these actions might be inconvenient, so the risk versus convenience decisions will have to be weighed. You can tighten up your security defenses, such as your firewall, or you can limit employees’ access to shares on the network. Your firewall and content filters can block potentially bad files. They will also block expected files, so these files will need to be released manually by a network administrator. It is imperative to understand what your users have access to and to make sure it is not more than they need. Another measure is making sure your server’s security patches are up to date.