Rebuff Ransomware with 3 Simple Security Steps

by Sandeep Kaushal

According to a recent alert from the FBI’s Internet Crime Complaint Center (IC3), CryptoWall – a variant of the CryptoLocker ransomware – has cost U.S. businesses more than $18 million since April 2014. (Ransomware restricts access to the computer system that it infects and then demands a ransom be paid to the creator of the malware in order for restrictions to be removed.)

The FBI notice attributed the rising costs of ransomware not only to ransoms – which typically range from $200 to $10,000 per instance – but also to companies spending or losing money on “network mitigation, network countermeasures, loss of productivity, legal fees, IT services, and/or the purchase of credit monitoring services for employees or customers.”

“The ransomware industry is also becoming very innovative, both with their technology and business models,” veteran tech journalist Sara Peters wrote in a recent post to Dark Reading, InformationWeek’s cybersecurity newsletter.

As examples of the growing sophistication of ransomware, Peters cited the “simply named ‘Locker’” form, which is a “sleeper” type that lay dormant for months in infected systems until activating on a specific date. She also described “‘Tox,’ a ransomware-as-a-service kit for building and deploying ransomware. It’s free to set up and use, but the site hosting Tox takes a 20% cut of any ransoms the operators rake in.”

If ransomware strikes your firm, the general consensus among authorities is you shouldn’t pay. Why? Because the cybercriminals involved may not provide the key codes necessary to release your system or files after you send payment. Instead, with proprietary information in their possession, they may collect your money and then attempt to make more by selling your data to other felonious parties. Another malicious move by cyber crooks may be opening your files to the general public, exposing data such as passwords, account numbers or sensitive correspondence, as happened during the infamous Sony breach.

But if you shouldn’t pay, what should you do? According to info-security expert and Dark Reading columnist Michelle Drolet, avoiding ransomware exposure is as simple as a “few basic infosec best practices”:

  • Perform Regular Backups - The ideal backup system is real-time, which makes recovering from a ransomware attack as simple as wiping an infected drive or device and then restoring backed-up files. To ensure your backup systems are thorough and functional, work with an IT Managed Service Provider (MSP) who specializes in Business Continuity technology and practices.
  • Perform Regular Software Updates - Anti-malware software, and all business software, should be kept up-to-date. Anti-malware tools require the latest updates in order to recognize new variants, and vulnerabilities in most major business applications are constantly being patched.
  • Educate Your Team - Ransomware requires user interaction to spread – e.g., clicking on email attachments or embedded links that direct victims to fake or compromised websites. If your staff is aware of the danger and how to spot attacks, your risk of infection drops significantly.

Drolet states the case for rebuffing ransomware with basic best practices concisely: “If your data is important enough to pay a ransom for, why wasn’t it important enough to properly backup and protect?”

Written by: Sandeep Kaushal

Sandeep is the President and Owner of TeamLogic IT in Vernon CT. TeamLogic IT provides Managed and Outsourced IT services to businesses throughout the Greater Hartford area.

Sandeep has resided in Tolland for more than 10 years and has more than 25 years of experience in the IT industry.