Two recent Wall Street Journal articles have highlighted the growing threat of ransomware to any US based organization driven by increasing success and paydays of the overseas perpetrators. The two articles were published in the 9/30/2020 and 11/13/2020 editions, and if you have a subscription, you should really take the time to go read them in their entirety. If you don’t have the time or a subscription, I will try to provide a Cliff Notes version here.
Ransomware is a “hack” of your system(s) that will usually perform encryption of all your files on all of your computers. Once the hacker has locked your system up so that you have no use of your computers or network, they make a demand for an exorbitant fee.
The City of Atlanta was attacked in 2018, and the hacker asked $51,000 to release their files, but the City feared the demands would continue. Hence, they chose not to pay, resulting in more than $7 million in costs to recover and restore systems and data, according to Journal articles. Average ransom payments across all industries have climbed to $233,817 in Q3 2020 from $41,198 a year earlier.
The hackers frequently tell the hacked “Clients” not to contact Law Enforcement because they say, Law Enforcement cannot do anything, and will suggest not paying any “fees” (ransom).
Hackers can breach your system through multiple access points, but perhaps the most difficult to close, is the phishing email. This is when a hacker sends an email to a user on your system that looks quite legitimate, and the user clicks on a link basically opening the door for that hacker to take control of that users machine and perform their mayhem from inside your network of protective firewalls and physical barriers to entry.
What can you do about all this? Well, the analogy often used in the industry is comparing your business computer system to your house. You can lock the door. You can add deadbolts, a safe, alarm systems, a guard dog, cameras or even employ a security guard. Nothing really makes you completely immune to someone getting in and stealing your safe, but every bit you do makes that thief more likely to move on along to someone who left the front door hanging open. Just don’t be that person who left that front door hanging open.
If you do not have a security and backup program in place, contact Tim Scarafiotti at firstname.lastname@example.org to discuss what we can do to assist you in achieving a level of security you are comfortable of.