A business ransomware attack continues to be one of the most damaging, costly forms of cyberattacks against both businesses and consumers alike. Simply put, it is easy to pull off and it often works, all with little risk of discovery to the perpetrator.
Most ransomware attacks involve a little bit of malicious software—either designed by the criminal or purchased from another source—and some social engineering. Typically, phishing attacks work as an avenue for infecting a computer or network with harmful software. By getting even one low-level employee to click a link or open an attachment, criminals can infect the network, lock up the system and demand a ransom payment in exchange for the key to open it.
Unfortunately, the only responses to a business ransomware attack are to pay the ransom or ignore it and buy a new computer. Experts do not recommend paying the attackers because there is no guarantee they will release your network or your files. Unfortunately, getting your system back online can prove to be difficult.
One telemarketing firm, The Heritage Company, suffered a crippling business ransomware attack before Christmas. Employees were not made aware of the attack and only learned of it when all 300-plus were laid off. The company was unable to recover from the attack, despite paying the attackers to regain access via the unencryption key. In a letter to employees and a subsequent outgoing voice mail message, the company urged employees to look for other jobs.
This kind of incident is not rare, and small businesses are just as likely to be victimized as larger ones. Certain industries, like healthcare and education, are also more likely to be targeted due to the higher risks associated with being breached.
When it comes to ransomware, the best offense is a good defense. Prevention is the most important step, and it comes down to things like employee training on avoiding phishing attacks, ensuring the network has strong, up-to-date anti-malware protection and backing up all data on external storage devices every day. That way, should the other steps fail, the worst outcome is having to purchase new hardware and load the backed-up data into it.
You may also like…