Ransomware is real and can be extremely expensive to an individual and/or company. This is not just a small company threat but to large ones as well, even if they have a full in-house IT staff for protection. Millions of dollars have been paid out to these cyber criminals for a decryption key to get their company network back.
So, what is ransomware and how does it work?
Simple definition: A type of malicious software designed to block access to a computer(s) system until a sum of money is paid.
In order to install ransomware, cyber criminals typically gain backdoor access to a company’s network as well as having administrator privileges or other login credentials. This is easier done than you would think. So, what to do?
Learn from your mistakes. They could come back.
Recently, I read about a large company that fell victim to ransomware and paid millions in bitcoin in order to restore their network and retrieve their files. They did so and they were back in business, except…
No analysis was made of just how they became susceptible in the first place. No changes were made and ultimately were hacked again and had to pay a second time. A lesson had not been learned.
Before restoring the network. A couple of items to think about:
– How the malware gained access?
– How did it stay undetected for so long.
To pay or not to pay.
Is paying the cyber criminals the quickest and most cost-effective solution?
Well, yes and no. Consider this. After the ransom is paid, a post-event analysis and rebuilding of a susceptible damaged network will also cost large amounts. And, there will be an extended period of disruption before operations resemble anything normal. Oftentimes involving weeks of work performing the investigation, system rebuild and data recovery. There is a better way.
In 2016, Datto estimated that American small businesses lose an estimated total of $75 billion a year due to ransomware.
3 ways to help prevent ransomware.
1.) The best way to avoid any of this is to ensure your network is secure against cyberattacks in the first place by doing things like making sure operating systems and security patches are up to date and applying multi-factor authentication across the network.
2.) It’s also recommended to perform regular backups of your networks and store those backups offline. In the event of a successful ransomware attack, the network can be restored with the least disruption possible.
3.) And finally educate your employees to not give out login credentials, personal engineering, no matter how legitimate it seems at the time.
How can Coolearth help?
Another way to help is make sure your vendors are practicing good anti-ransomware practices like Coolearth does. We take our connectivity to anyone’s network very seriously. Recently, dealing with one of our clients that had ransomware they were very appreciative of our offline backups for their solo installs and a clean database which was instrumental in getting processes moving again.
Would you like to learn more about how Coolearth can help? Learn More