Imagine: you walk into the office in the morning only to discover that all of your computers have the same exact screen and it looks something like this-
“Oops, your files have been encrypted!”
Make no mistake, this was not an accident. You’ve been infected with ransomware: the biggest threat to business’ technology systems on the market today. Then, the panic sets in… What is happening? What caused this? How do we fix this? How do we prevent this from happening in the future?
This was what many people were thinking when the WannaCry ransomware hit in May 2017. If your business had strong computer management and properly patched and updated your endpoints, WannaCry was largely a non-event. However, if your machines were not up to date, questions like these became very real, very quickly as the attack circled the globe bringing companies to their knees. And the biggest question on whether or not this was an issue for you was whether you had an IT department to handle this issue.
What is Ransomware?
Ransomware is malicious software that locks your files and demands payment to access them.
Ransomware typically spreads via spam or phishing emails. It also can spread through websites or drive-by downloads to infect an endpoint and penetrate the network. Infection methods are constantly evolving and there are many other ways one can become infected, as well.
Who’s the target of Ransomware?
Ransomware attacks target firms of all sizes — 5% or more of businesses in the top 10 industry sectors have been attacked — and no size business, from small-and-medium businesses to enterprises, is immune. Attacks are on the rise in every sector and in every size of business.
Recent attacks, such as WannaCry, mainly affected systems outside of the United States. It has affected hundreds of thousands of computers from Taiwan to the United Kingdom, and it crippled the UK’s National Health Service (NHS).
“Ransomware is more about manipulating vulnerabilities in human psychology than the adversary’s technological sophistication.”– James Scott, Institute for Critical Infrastructure Technology
Unfortunately, The US has not been so lucky in other attacks. The US ranks the highest in the number of ransomware attacks, followed by Germany and then France. Windows computers are the main targets, but ransomware strains exist for Macintosh and Linux, as well.
The truth is that ransomware has become so wide-spread that for most companies it is a certainty that they will be exposed to some degree to a ransomware or malware attack. The best they can do is to be prepared and understand the best ways to minimize the impact of ransomware.
“Okay, but what if…”
“I have antivirus software!”
That’s great news! However, using Antivirus software is the first step to being proactive with these issues! The only problem is that some ransomware is undetectable by Antivirus software, so it slips right on by…
“I have a backup. Can’t I just recover my data from that?”
Well… not exactly. You see, hackers have gotten incredibly smart in the past few years. They realized that people could just restore their data from a backup, so they started doing this really dirty trick – encrypting your backups too. Once the computer is infected and encrypted, so is any backup attached to the computer…
“All of my data is backed up to Office 365’s OneDrive or GSuite’s Google Drive.”
Believe it or not, Saas (Software as a Service) providers like Microsoft and Google claim that they aren’t responsible for your data and that it is up to you to find your own third-party company to further back up that data. Here’s what Microsoft’s Service Level Agreement says:
We strive to keep the Services up and running; however, all online services suffer occasional disruptions and outages, and Microsoft is not liable for any disruption or loss you may suffer as a result. In the event of an outage, you may not be able to retrieve Your Content or Data that you’ve stored. We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.
To take it a step further, applications like Office 365 and GSuite are actually just as susceptible to ransomware as any other computer. Take a look at this video that explains and demonstrates this:
The REAL cost of Ransomware: Downtime
According to Datto’s 2019 Ransomware Report…
- The average ransom request is $5,900. Not too bad, right?
- It gets worse – the true cost of a ransomware attack is 23x greater than the ransom itself
- The real problem – The average cost of downtime from an attack is $141,000
Ask yourself this – how long can our business go without accessing our computer systems? A day? Four hours? Less than an hour? This is a tough question to ask ourselves when nearly every business relies on computer systems to be able to operate. But it’s important to ask once you realize what downtime really means.
When your systems are down:
- Employees do less work
- Lost sales or revenue
- Lost time + the time it takes to make up the lost time
Once you realize this, the cost of downtime because enormous. The average ransomware attacked causes a business to be down for at least two days. And sometimes, it’s even more than that!
As an example, in August of 2019, the local government offices of Lake County, Indiana were hit with a ransomware attack. Employees lost access to email and some internal applications for more than two weeks. Could your business survive a hit like that?
What do I do then?
You don’t just have to pay the ransom! In fact, we highly suggest avoiding doing that by all costs. Doing so actually makes you a bigger target in the future! Unfortunately, completely avoiding ransomware isn’t possible. However, It’s possible to render any kind of ransomware attack nearly useless with the right tools! Here’s a couple of things we suggest.
- Expertise – To be able to be proactive instead of reactive, you need an IT department with the expertise to implement the tools necessary to keep your business safe.
- Antivirus – You need an Antivirus application with real-time scanning capabilities to help stop the majority of attacks
- Security Training – Everyone who has access to a computer needs to be trained in the primary tool hackers use: phishing. Start by watching this video.
- Backup and Disaster Recovery tools – The best way to minimize your risk is to use a BDR tool. This is something that takes a backup of your entire computer and backs it up to the cloud. Most businesses don’t have access to software and tools like this, so partnering with a Managed Service Provider, like DV Tech, is your best bet.
The best way to fight ransomware…
… is to partner with a Managed Service Provider who can help do all of these things for you. Most small businesses can’t afford a full-time IT department, which is the biggest benefit of hiring an MSP. It’s a cost-effective way to have access to an entire team of experts who can provide you with the resources of an enterprise-size organization for a fraction of the cost.
If you want more information on how a Managed Service Provider can help protect your business and help you thrive, get in contact with us today!