It's Monday, and you're getting back into the office from your week-long vacation with the family. The second you sit down at your desk, you see an email from your wife. It appears to be a link sent via a Dropbox account and you assume, amidst your morning haze, that the link contains the pictures from your vacation. You click on the link and then… it happens. Your computer becomes corrupted. You've become the latest victim of a Ransomware attack. Well, what happens next?
Ransomware is Growing in the Workplace
The above scenario is not uncommon. People in every industry have experienced Ransomware via phishing emails. From medical industries, all the way to government agencies, even the most compliant players have been exposed to massive attacks. For over 20 years phishing tactics have existed, and every year they become more and more convincing and clandestine.
We are at the point where phishing emails resemble links from sites that we use almost every day like Amazon, Dropbox, and Gmail. The more convincing these attacks become, the greater chance you have of becoming an unsuspecting victim.
The Aftermath of a Ransomware Attack
At this point, you may be asking, “Well, if it is ransomware, why can’t I pay the ransom to get my data back?” That is a great question. There is no guarantee. After all, you're dealing with cyber criminals. Paying the ransom could get your data back, but you may also encounter one of the following:
- You pay the ransom, but the decryption keys are never sent and you are not able to unlock your data.
- Through paying the ransom, you show the hacker a vulnerability that they are able to take advantage of again.
- You pay the ransom only to have the ransom increased and you are told you cannot get your data back until you pay the increased ransom.
In fact, the FBI will tell you to consider all of these scenarios before paying the ransom. The issue becomes this: Every ransom that's paid only further encourages these attacks. Through paying the ransom, the criminals come to understand the value that you place on your data. As a result, they are even more inclined to initiate additional attacks.
Safeguarding Against Ransomware
Your next question may be, “So what can I do about Ransomware if I shouldn’t pay the ransom?” Don’t worry, there is an answer beyond just crossing your fingers and hoping for the best! The battle is best fought by planning ahead on three fronts. The following outlines these preventative measures you can put in place. When used together, these different safeguards should fully protect you.
Update Your Software - You want to look at the initial access into your network. Some of the largest vulnerabilities are, but not limited to, out of date routers, software that is missing patches, or inadequate antivirus software. So, make sure your network is fully updated for your specific needs.
End-User Security Education - Your employees can be your biggest weak spot. Implementing some kind of security training is crucial. This can be done internally or from a third party, but it requires someone coming in and sharing ways to spot vulnerabilities (e.g., checking the domain of emails or reaching out to senders to confirm links). This is necessary because there will always be some sort of gap in that first line of defense, so you need to be educated to spot those gaps when they come up.
Data Backup Isn't Optional - The last line of defense should be to make sure that you are regularly backing up your data. Keep in mind that some backup providers will provide more coverage and oversight than others. Most importantly, make sure that you have a second or even a third copy of your data or else you risk losing it all. Just like there are cyber criminals that will exploit a hole in the first line of defense, there are also people who might be tricked despite any education provided. This third line of defense will step up as a last resort and make sure that your data is always protected and easily recoverable.
As you can see, Ransomware is out there. It's in the news, it's talked about in the break room. Although there are many different variations, the end result is the same: encrypt your data and make you pay. You will inevitably have to pay some price no matter what. Whether it be living without your data or paying the ransom.
Recovery After Data Loss
The reality of ransomware is just one of the very real worries that can come along with not having your data stored properly. The name disaster recovery isn't only reserved for natural disasters, but any other type of disaster that can hinder your business, like a ransomware attack. When your business implements a trusted disaster recovery solution, you can rest easy knowing your data is in safe, even when the unthinkable happens.
Your business runs on data, and that is nothing new. At SumnerOne, we want to keep things running as smoothly as possible for your business. One of the ways we've achieved this by assembling the industry's fastest disaster recovery and business continuity systems. Meaning that come rain or shine, your data is in good hands. To learn more about how SumnerOne will protect your data, give us a call. We're here to have your back.
About the Author - Leif McKinley
Leif McKinley is a Channel Sales Executive with Datto, a Business Continuity vendor that focuses on business up time. He has been with Datto for 6 years as they have grown from a single purpose BDR device to a full service Total Network Protection provider covering all data protection and networking needs. Prior to working at Datto, Leif sold Life, Disability, and Long-Term Care insurance where he was able to gain risk management experience. He saw the value that a risk management specialist can add to technology and continues to focus on the intersection between these two fields.
Originally published September 12, 2018, updated April 1, 2019