If 2013 went down in IT history as the year of the data breach, then 2016 will always be remembered as the year of ransomware. In February, a Southern California hospital was forced to negotiate with hackers to recover its critical data; a week later, the Los Angeles County Department of Health Services suffered a similar attack. By the summer, school districts in South Carolina and Minnesota, hospitals in Kentucky and Georgia, and a church in Oregon had also been affected.
In March, the United States and Canada issued an unusual joint alert warning businesses of ransomware after analysis showed that Americans paid nearly $325 million in 2015 in untraceable, open-source currency to cybercriminals the world over. A senior fellow at the Institute of Critical Infrastructure Technology even told Newsweek that there are now two types of organizations: “those who have been breached and those who have been but [don’t] know it yet.”
The way that ransomware works its way onto the computers of unsuspecting users continues to evolve, too. In one recent wrinkle, phishing scams posing as speeding ticket emails directed people to click on a malicious link. Emails claiming to be from local police departments that contain actual traffic data, street names, and driving speeds have started showing up on security experts’ radar.
Even more discouraging, at the end of 2015, the FBI suggested that computer users locked out of their data because of ransomware were better off paying the ransom instead of making their systems more secure. That leads to the common misconception that a firewall and an antivirus program can keep your systems safe, or to the widely held belief that ransomware can get onto your computer without any action being taken, when 95% of infections come when a user clicks on a malicious link, attachment, or advertisement.
Basic security protocols will keep you protected, but only up to a point — and ransomware architects are constantly working to sneak their handiwork past any and all systems working to stop it. But with stronger defenses like proactive monitoring, Internet traffic analysis, and content filtering, preventing ransomware while keeping your data safe and accessible is possible.
At CMIT Solutions, we recommend three basic steps:
1) Back up, back up, back up.
Hackers who use ransomware are counting on a business or an individual to NOT back up their data (as only about 50% of organizations do). If ransomware encrypts a critical file, and the only way to access it is to pay a ransom, most companies will capitulate. But if you have a dedicated remote backup (hopefully conducted at least once a day), you can ignore the hackers’ demands and simply restore your data without having to pay extra for it.
2) Implement layered network security.
CMIT Solutions has the ability to deliver heightened security that analyzes Internet traffic for malware, botnets, and phishing attempts before they affect your system. By identifying targeted attacks, blocking threats both on local networks and mobile devices, and enforcing acceptable use policies through content filtering, the proactive monitoring or “umbrella” approach can deliver an unprecedented level of security. Of course, no one layer of security provides surefire protection, which is why we also specialize in…
3) Train your employees to beware of ransomware threats.
Enforcing the rule that no one should click on any link or attachment unless they are expecting it from a specific contact is a good start. But so is basic training in the ins and outs of malvertising, the dangers of social engineering, and the increasing infiltration of phishing emails. The more aware your employees are, the safer your company will be.
Looking for help to put all three of these steps to work for your organization? Contact a trusted IT adviser like CMIT Solutions. For us, proactive monitoring, backup and disaster recovery, business continuity, data encryption, and secure cloud storage are crucial to surviving (and thriving) in today’s complicated IT world. We are here to defend your network, secure your data, and empower your staff to be more productive. At CMIT, we worry about your IT so that you can worry about the success of your business.