The Baltimore Public Schools system was already dealing with pandemic learning conditions when it was hit by a ransomware attack the day before Thanksgiving. School officials were calling it a “catastrophic attack on our technological system.” It couldn’t have happened at a worse time, with 115,000 students attending classes online shut out of the system.
Details are scarce, but teachers on social media have said that the malware had a .ryuk extension. The same type of extension has appeared on ransomware targeting hospitals, local government bodies, and other establishments.
It’s something you’ve probably heard about in the news recently, as concerns over ransomware targeting the nation’s election system have been frequently discussed. It’s the kind of malignant hacking you think would be relegated to early 90s films about the internet.
But the very notion that someone could block all access to your important files unless you paid a hefty sum is alarmingly real.
In fact, ransomware attacks are steadily rising. This year, the most attractive targets have been hospitals, desperate to stay online during their fight with the Coronavirus. In some cases, they’ve had few options and no time to do anything except pay.
(Infographic Source: 2020 Sophos Report)
The consequences of not paying are obviously dire. Meanwhile, methods for tracking hackers aren’t able to keep up. Ultimately, trying to fight them often winds up being more costly. For example, in 2018, Atlanta paid $17 million fighting an attack asking for only $52,000 in bitcoin currency.
Increasingly alarming are the ways they’ll pressure you into paying. Any personal information about you or your employees on file is subject to an attack. Hackers often hold this type of information for ransom. It’s a brutal combination of hostage-taking and blackmail.
The question of whether or not you’re susceptible to such an attack has probably been raised. And the answer is presumably unsatisfactory. At the end of the day, there will always be people working to find new ways of opening up access points into your security systems. While small and mid-sized businesses are generally at the greatest risk, there are several actions you can take now to avoid a ransom later.
How to Protect Yourself
The answer is surprisingly simple. Just this year, Spectra Logic, a Boulder-based private company that specializes in data backup and management, was hit by a ransomware attack. But thanks to their experienced I.T. Department, they managed to identify it quickly.
Additionally, their specialty saved them from losing a significant amount of data. By maintaining an air gap to non-infected data, the recovery effort was 99.5% effective. However, with the vast majority of ransomware attacks successful and the uncertainty of whether or not the hackers would even return your data unharmed if you paid, it’s only wise to start investing in data backup protection.
The first step in protecting yourself from ransomware is ensuring you have reputable antivirus software and a firewall. Once installed, it’s vital to keep systems up to date and regularly run scans for any malware. There’s a great deal of phony software out there, so the brand name counts.
It’s then important to employ regular content scanning and filtering on your mail servers. A lot of ransomware attacks are initiated through phishing emails. All inbound mail should be scanned, particularly if it comes with attachments.
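As an added illustration of the attachment filtering described above (not code from the article or from any mail product), the sketch below parses a message with Python's standard `email` package and lists the attachments a filter would quarantine. The extension lists and the sample message are assumptions constructed for the example.

```python
import email
import os

# Assumed quarantine policy for this example; tune to your own environment.
BLOCKED_EXT = {".exe", ".scr", ".js", ".vbs", ".bat", ".ps1", ".hta", ".lnk", ".iso"}
MACRO_EXT = {".docm", ".xlsm", ".pptm"}

def scan(raw):
    """Return (filename, reason) for every attachment that should be quarantined."""
    findings = []
    for part in email.message_from_string(raw).walk():
        name = part.get_filename()
        if not name:
            continue  # message body or multipart container, not an attachment
        stem, ext = os.path.splitext(name.lower().strip())
        if ext in BLOCKED_EXT:
            # "invoice.pdf.exe" hides an executable behind a familiar type
            reason = "double extension" if os.path.splitext(stem)[1] else "executable type"
            findings.append((name, reason))
        elif ext in MACRO_EXT:
            findings.append((name, "macro-enabled document"))
    return findings

# Constructed sample message, not a real email.
SAMPLE = """\
From: billing@example.com
Subject: Overdue invoice
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Please see the attached invoice.
--b1
Content-Type: application/pdf
Content-Disposition: attachment; filename="notes.pdf"

(constructed placeholder body)
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="invoice.pdf.exe"

(constructed placeholder body)
--b1--
"""

if __name__ == "__main__":
    for name, reason in scan(SAMPLE):
        print(f"QUARANTINE {name}: {reason}")
```

Filename checks are only a first pass; a production filter would also inspect file content, since an attachment can be renamed to any extension.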
If any employees are traveling or working remotely, make sure they notify the I.T. department so they can take necessary precautions. This is especially true if they plan on using any free wireless internet on their trip.
Remember that this is a technological heist. They’re always uncovering new ways to storm your firewall. It’s a never-ending game of back and forth, with the hacker always trying to stay ahead of I.T. trends. As such, downloading patches and other software regularly is always necessary.
We’ve gone over the methods for preventing a ransomware attack from happening in the first place. However, even if you become compromised, there are actions you can take now to ensure your data can be recovered without paying a hefty ransom.
We mentioned the importance of keeping data on an air-gapped system, but what does it do? Simply put, it’s the system of storing information on computers that have never been connected to the internet.
Most companies and organizations store a lot of information on the cloud, which leaves it open to theft. That said, it should also be stored on external hard drives that are disconnected immediately afterward.
Your own employees can protect you as well. Exercising some security awareness training in your business will keep them wary of any suspicious emails. Employees are mostly wise to the more obvious threats these days, but additional training will help keep everyone ahead of whatever’s out there.
There are ways to protect yourself from ransomware, be it through meticulous data storage or high-tech security, but remember that hackers are always trying new schemes and updating code to make their attacks more precise and effective. So stay diligent and ensure you’re prepared with an effective prevention and mitigation strategy.
By John Alois
Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information, resources and thought leadership services.