According to a McAfee report, ransomware attacks have doubled this year: incidents during the first quarter of 2019 rose by 118% across all sectors.
What exactly is ransomware?
Ransomware is a type of malware that encrypts files on a computer or server, rendering them useless. Affected users won't be able to access and use the files stored on those computers unless the victim pays the ransom, usually in cryptocurrency such as Bitcoin.
How do they get through?
Ransomware can be downloaded onto systems when unwitting users visit malicious or compromised websites. It can also be delivered as an attachment in spam and phishing emails or dropped by exploit kits onto vulnerable systems.
Systems using weak and identical passwords are the most vulnerable. Once inside, cybercriminals are free to deploy malware, including ransomware, in the compromised system. Hackers are also able to exploit vulnerabilities in a network protocol called Remote Desktop Protocol (RDP), which allows users to access and control a computer over the internet.
These are the primary reasons why organizations are enforcing a strong password policy, oftentimes requiring multi-factor authentication.
Should you pay the ransom?
In a public service announcement released by the FBI, the agency said that in the event your business falls victim to a ransomware attack, you should not pay the ransom. The FBI said that doing so is not a guarantee that you will get your data back.
There have been instances where victims who agreed to pay the ransom were never provided with decryption keys. Furthermore, since the encryption algorithms of some ransomware variants are flawed, there's a big possibility that compromised data may never be recovered, even with the help of a decryption key.
More importantly, paying the ransom will only encourage cybercriminals to target other organizations. The money they get will be used to fund future attacks, putting more companies in danger of losing revenue.
What can you do to protect your business?
The best way you can protect your business from a ransomware attack is to have a robust cybersecurity and backup system. Having updated, verified backups of your company's data can stop a ransomware attack from severely crippling your business. Investing in backup and other cybersecurity solutions should be done before an attack occurs, not after.
Training your employees about the threats of ransomware attacks should be a key focus, since end users are the prime targets. You must also implement software restriction policies and employ best practices for the use of RDP. These practices should include the application of multi-factor authentication, identifying the systems using RDP, and blocking unused RDP ports. Partnering with the right MSP is a critical step to secure your network and information.
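One way to start on "identifying the systems using RDP" and "blocking unused RDP ports" is a per-host audit like the one below. This is an added example, not something from the original article; it assumes an elevated PowerShell session on an English-language Windows install, the `-BlockIfUnused` switch is a name made up for this sketch, and it does not check multi-factor authentication, which is configured outside these settings.

```powershell
# Added example: audit this host's RDP exposure. Read-only unless -BlockIfUnused is given.
param([switch]$BlockIfUnused)   # hypothetical switch name for this example

$ts  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$tcp = "$ts\WinStations\RDP-Tcp"

# fDenyTSConnections = 0 means the host accepts RDP connections.
$rdpEnabled = (Get-ItemProperty -Path $ts -Name fDenyTSConnections).fDenyTSConnections -eq 0
# UserAuthentication = 1 means Network Level Authentication (NLA) is required.
$nla  = (Get-ItemProperty -Path $tcp -Name UserAuthentication).UserAuthentication -eq 1
# The listener port is configurable, so read it instead of assuming the default.
$port = (Get-ItemProperty -Path $tcp -Name PortNumber).PortNumber

# Enabled inbound rules in the built-in "Remote Desktop" firewall group.
$openRules = @(Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
    Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' })

# Is anything actually listening on the RDP port right now?
$listening = [bool](Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue)

# One record per host, suitable for collecting into an inventory.
[pscustomobject]@{
    Computer          = $env:COMPUTERNAME
    RdpEnabled        = $rdpEnabled
    NlaRequired       = $nla
    Port              = $port
    Listening         = $listening
    OpenFirewallRules = $openRules.Count
}

if ($rdpEnabled -and -not $nla) {
    Write-Warning 'RDP is enabled without Network Level Authentication.'
}
if (-not $rdpEnabled -and $openRules.Count -gt 0) {
    Write-Warning 'RDP is disabled, but its inbound firewall rules are still enabled.'
    if ($BlockIfUnused) {
        # Close the unused port by disabling the built-in rule group.
        Disable-NetFirewallRule -DisplayGroup 'Remote Desktop'
    }
}
```

Collecting the emitted record from every machine gives the list of systems using RDP; hosts reporting `RdpEnabled = False` with open rules are the candidates for blocking.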
At Arnet Technologies, we provide small and medium-sized businesses in Ohio with the best defense against destructive cyber attacks. We use an innovative threat intelligence and ID-monitoring service to see if your company's credentials are being sold on the dark web. We will look for potential loopholes and problems that can leave your system open to a devastating cyberattack. Just give us a call and our team will assess your company's current cybersecurity risk at no cost to you.