A criminal is holding your business for ransom. What do you do? Pay it or possibly lose everything. Learn more about ransomware attacks and how to fight them.
Ingleside, population 10,000, a tiny Texas town where nothing ever happens, until it did on Jan 2, 2020. On this day, they faced an attack no town this size ever expects. And that event reminds us that no business or municipality is too big or too small to be the target of a ransomware attack.
City services went dark as malicious hackers encrypted the town’s critical data and held it for ransom. The only way to restore much-needed services was to either pay the ransom or shell out up to 10 times that to have a ransomware recovery team try to decrypt the data.
Paying the ransom encourages the attackers, supporting their criminal enterprise. They now go on to victimize others. But most cities can’t afford the costs of recovery without paying the demands.
What would you do? Tristan Stewart of Integrated365, a Dallas IT services company offers insights into this latest round of ransomware to strike in Texas.
Ransomware Attacks Are Everyone’s Problem
In 2019, 70 state and local governments faced this decision, along with many more businesses. Atlanta chose to pay $2.6M to a recovery team rather than the $500,000 ransom. Commercial shipping behemoth Maersk lost $300 million in revenues when hit with an attack.
And no one is immune, no matter how benevolent. Hospitals, small dental practices, and even schools have found themselves in this predicament. Health systems have even had to close their doors permanently when they couldn’t decrypt patient records.
How Do Ransomware Attacks Happen?
They happen in the blink of an eye with a sudden sinking feeling in the gut once you realize you’ve been hacked.
Usually, the employee is tricked into giving away their password through phishing scams. If they believe the pay off is great, Hackers can also use other methods to acquire passwords like compiling information on password habits from many low-security sites used by high-profile employees to guess high-security passwords.
With a password in hand, the hacker can now “walk in through the front door” of your systems, gaining access as the employee’s accounts where they can then encrypt files. Once encrypted, files can only be decrypted using a key that the hacker knows. They’ll usually give it to you if you pay up.
Otherwise, code breakers must work hand-in-hand with technology to try to break the code. It’s a tedious process that can take days or weeks. However, the more prepared a town or business is, the less of an ordeal recovery becomes.
How to Prevent and Prepare for Ransomware Attacks
First, know you may not be able to prevent all attacks. The attackers often cast a wide net and attack relentlessly. Someone will eventually fall for it.
So you must have a multi-faceted strategy that includes both prevention and preparedness to restore encrypted files. This includes things like:
- Employee education, so workers recognize a phishing scam and employ safe password and verification practices
- Email spam filters
- Secure yet functional data backup
- Automated monitoring for suspicious activity
- Proper firewall and malware protection
- Clearly defined security and recovery procedures
- Investment in cybersecurity personnel who understand the risks and solutions you need
Ransomware happens. But knowledge is power. Follow our blog to get the latest on cybersecurity for your business.
Interesting related articles: