By Allan Johnson
Over the past few years, you most likely have heard the term Ransomware Attack at least once. A number of businesses and public organizations have fallen victim to this type of cyber attack. These entities have the very difficult position of dealing with such an attack, significantly impacting day-to-day operations.
But just what is a Ransomware Attack and what steps can be taken to help avoid finding yourself in position of being the next victim? Allan Johnson of Matrix IT Solutions, a local Cyber Security Specialist, offered up the following information and tips to help protect yourself and mitigate any risks to an acceptable degree.
What is “ransomware”?
It is a type of malicious attack where attackers encrypt an organization’s data and demand a payment to decrypt and restore access.
Here is one example of how a ransomware attack can occur:
- A user receives an email and is tricked into clicking on a link that downloads a file from an external website. The email can appear to come from a person or vendor you have dealt with in the past.
- The file usually looks like an ordinary file such as a pdf, word doc or another type of file and not knowing the file is ransomware, the user executes/opens the file.
- The ransomware now takes advantages of vulnerabilities in the user’s computer and other computers to spread throughout the organization.
- The ransomware will start encrypting files on all the computers including servers you have access to, then a message is displayed on their screen demanding payment in exchange for the decryption of the files.
Ransomware will disrupt or halt your business and management now has a decision to make; do you pay the ransom and hope the attackers will restore access or do you not pay and restore operations yourself?
You should never assume your business is too small to get hit. The objective of ransomware is to ensure the malware spreads as widely as possible and infecting individuals and businesses computers of all sizes.
Tips to protect your business and yourself from ransomware:
Know when it is fake:
Common ways ransomware can hit is by emails; like phishing emails that can trick you into clicking on an attachment or malware. Malware can sit unnoticed for a period of time which allows the attackers files and steal data with the final step unleashing the ransomware.
The ransomware is carried in hyperlinks or attachments contained in fake emails, fake text messages and fake postings on social media.
You can tell that it is a fake when you see the name of a company or brand you shop from or do business with, or the names of people you know and work with, who have emailed you a link or attachment claiming to disguise as the real brand, business or person.
The disguise is a real name on a fake email address / fake text message / fake social media posting, or a real name on a spoofed (looks real) email address / spoofed (looks real) phone number, containing harvested conversation threads from the past, or containing relevant communication that you are used to seeing from that business, brand or person.
The giveaway that it is a fake is: it will have word choices to lure you to click a real looking link or attachment in fake emails, fake text messages, and fake postings on social media.
Alternatively, it can lure you to reply, and the internet criminal will build rapport with you until they know you can be fooled: then you will receive the convincing fake email, text message or fake posting on social media which after clicking will gradually start the process of ransomware through the use of malicious payload droppers.
Be ready for Zero Day Exploits:
Zero Day Exploits by definition is an attack that takes advantage of a vulnerability that does not have a fix in place. This is because once the threat is discovered the organization has “zero days” to come up with a solution which is why they pose the most difficult risk to manage.
Keeping each and every digital system you use updated regularly is the minimum you can do to manage Zero Day Exploits.
To better protect yourself against Zero Day Exploits, you require security systems that are test-proven to catch a breach before ransomware is deployed.
Do your due diligence in searching for your cyber security partner who can assist you with Zero Day Exploits with a testable security system that goes beyond false promises of false-marketing.
Contract Professionals to do your quarterly “technology fire drills” for your business:
Other than you yourself trying to cope with fakes, there are systems that will protect you even if you by mistake fall for a fake or you are victim of a Zero Day Exploits.
These systems are called Cyber Awareness Education Training and Simulation systems, Vulnerability Assessment systems, Email Security systems, Cloud and On-Premise Zero Trust Network Gateway systems, Managed Endpoint Protection Detection systems, Response and Security Incident Event Management systems, Mobile Device Management systems, to mention a few.
Speak to your contracted cyber security specialist to perform the drills and implement your information security operations. You will be provided with actionable reports, which will help you plan your security budget and continually improve your ability to manage your risk.
Get Cyber Insurance to Protect Yourself from Legal and Financial Consequences of a Breach and Ransomware Caused Losses:
Contact your choice of Cyber Insurance providers and learn their requirements that you have to fulfill to get cyber insurance. To become eligible for Cyber Insurance and to save money on getting the best insurance rate, you continually have to maintain your business to information security standards, i.e. the one set by the Government of Canada for Canadian Businesses, The path to enterprise security – Canadian Centre for Cyber Security.
Matrix IT Solutions has products and capability to prevent known, unknown, and zero-day threats prior to execution with >99% accuracy, <0.1% false positives and <20ms malware prevention across millions of files per day. For more information on how Matrix IT Solutions can help you protect your company and data from Ransomware and other Cyber Attacks, reach out to Allan and his team via email at [email protected].