All About Ransomware

Jim Tice
Written on August 24, 2020

If you ever access the internet in the course of your business, you are vulnerable to ransomware. For the few of you who may not be aware of what ransomware is, here is an example. One day, while working on your computer, a message pops up telling you that all the files on your computer have been encrypted and are unusable. If you want them to be decrypted, you need to pay a ransom (usual in bitcoin, as it cannot be traced) of a significant amount of money.

You have two choices: pay the ransom, or pay a professional to restore your system. Often, when business losses are factored in, ransom is the least expensive solution, which is one of the reasons the threat of it is growing.

Here are some startling facts:

  • There were over 200 million ransomware attacks in 2019.
  • The number of attacks has risen by 345% over 2018.
  • Ransomware payments will top $11.5 billion this year.
  • Ransomware downtime costs, on average, $8,500 per hour.
  • Every 14 seconds ransomware claims a new victim.
  • 222 new strains of ransomware were created in 2019.

What can you do to minimize the risk to your business or non-profit? According to Norton Anti-Virus:

  • Do not provide personal information when answering an email, unsolicited phone call, text message or instant message. Phishers will try to trick employees into installing malware or gain intelligence for attacks by claiming to be from IT. Be sure to contact your IT department or vendor if you or your coworkers receive suspicious calls.
  • Use reputable antivirus software and a firewall. Maintaining a strong firewall and keeping your security software up to date are critical. It’s important to use antivirus software from a reputable company because of all of the fake software out there.
  • Do employ content scanning and filtering on your mail servers. Inbound emails should be scanned for known threats and should block any attachment types that could pose a threat.
  • Do make sure that all systems and software are up to date with relevant patches. Exploit kits hosted on compromised websites are commonly used to spread malware. Regular patching of vulnerable software is necessary to help prevent infection.
  • If traveling, alert your IT department beforehand, especially if you’re going to be using public wireless internet. Make sure you use a trustworthy Virtual Private Network (VPN) when accessing public Wi-Fi.

We also recommend you purchase a Cyber liability insurance policy, which, among its other coverages, protects you against ransomware. In those situations where paying ransom makes sense to get your business up and operating, the policy pays it for you. But perhaps its biggest benefit is the forensic help it would supply and pay to get your system back in operation.