Everything You Never Wanted To Know About Ransomware Attacks
It’s called ransomware because it denies users access until you pay a ransom.
Ransomware is a type of cyber attack that is usually spread through phishing emails or by visiting an infected website. It’s called ransomware because it denies users access until you pay a ransom. After payment, you will receive an unlock or decryption key. Sometimes entering the code launches a second attack. Your hardware may be infected with more malware, or your data may be deleted even though you’ve paid the ransom.
It is easy to know when your computer is infected with ransomware because the cyber criminal wants you to take action. Look for these symptoms:
- A splash screen blocks access and demands payment.
- Files won’t open. If you run Windows, you might see a message that begins, “Windows can’t open this file…” Mac users might see, “There is no application set to open the document…”
- File extensions–those letters after the dot at the end of a file name–may be missing. Or they may say “.crypted” or “.cryptor.”
- Finder may not be able to identify the file type and displays no icon.
- You’ve received instructions for paying the ransom.
Should I Pay the Ransom?
Paying ransom is a controversial topic. Some experts say you should do so only as a last resort; others say you should never settle. Forrester Research argues that paying ransomware should be considered a viable option and evaluated like any other business decision.
As you consider the pros and cons, you’ll need to weigh both direct and indirect costs. Business interruption or cyber insurance may cover some of your losses. But the average ransomware attack lasts 7.3 days, long enough to do real harm to your business and your reputation, and set you up for legal problems. You’ll also want to factor in downtime, lost productivity, and the stress on your employees as they try to do their jobs without the tools they need. Furthermore, recovery can be painful, time-consuming, and expensive.
Five Steps to Protect Yourself from Ransomware
Don’t put yourself in the position of having to make this kind of decision. The best way to reduce the risk of cyber crime of all kinds is to have a comprehensive plan with multiple layers of security that encompass People, Processes, and Technology (PPT). And, make sure you are doing these basic steps now to protect yourself and your business.
- Update all software and operating systems with the latest patches. Move away from Windows 7 before January 14, 2020.
- Remind your employees they should never, ever click links or open attachments in unsolicited emails. Do routine cybersecurity training.
- Back up your data regularly (typically daily). We recommend keeping at least two backups of your critical data with at least one back-up stored away from the data source (i.e. cloud storage).
- Use multi-factor authentication. Yes, it creates some friction in your day, but it is very effective in limiting unauthorized access.
- Enable strong filters to prevent spam and phishing attempts, and scan each email for threats.
- Configure your firewalls to block access to known malicious internet addresses.
- Use data encryption
- Follow password best practices: Change ALL important passwords routinely and do not use the same password for multiple sites. Create strong passwords with a minimum length of 13 characters (longer is better). Use both capital and small letters, numbers and special characters and avoid words found in the dictionary and easily guessed.
We can help you with your cybersecurity strategy. And, if you suspect your systems have been infected by ransomware, don’t wait. Call us at 925.827.1200 or email us at firstname.lastname@example.org to schedule an evaluation. We can discuss your options, conduct a security audit to determine your level of risk, and help you recover from a ransomware attack. Call us at Cantrell’s Sales & Service today.