Is Your Company Prepared for Ransomware?
Early in 2016 the staff at Hollywood Presbyterian Hospital found themselves in an emergency different from those they face in the ER every day. They suddenly lost access to all their computers and thereby patient medical records. Is your company prepared for ransomware?
This is a life-threatening situation. Patient records contain critical data such as patient allergies and what medication they’ve already been given. Without that data they could have unwanted drug interactions or accidentally cause severe allergic reactions.
What caused this disaster? Their data had been encrypted by a malicious attack. Bad actors had infiltrated the hospitals systems and encrypted their data using ransomware. They then held the data hostage, requesting that hospital officials pay $17,000 in ransom to get a key to decrypt their data.
The hospital eventually ponied up the $17,000 in the form of untraceable crypto-currency and did gain access to their data. However, the cost of downtime and the danger to their patients was substantially more devastating than the price of the ransom.
What is Ransomware?
Ransomware comes from combining the words ransom and software. Its malicious software built by cyber criminals with the intention of extorting money from businesses. The software encrypts all the organizations data thus rendering it unusable. The only way to get back operational is to restore the entire system from backup or pay the ransom and get the key needed to decrypt the data.
Ransomware is on the Rise
This problem has been escalating over the last few years, and in 2018 ransomware rates were at an all time high. Here are some stats compiled by our friends at Phoenix NAP.
- A new organization will fall victim to ransomware every 14 seconds in 2019, and every 11 seconds by 2021. (Source: Cyber Security Ventures)
- 1.5 million new phishing sites are created every month. (Source: webroot.com)
- Ransomware attacks have increased over 97 percent in the past two years. (Source: Phishme)
- A total of 850.97 million ransomware infections were detected by the institute in 2018.
- 34% of businesses hit with malware took a week or more to regain access to their data. (Source: Kaspersky)
- In 2019 ransomware from phishing emails increased 109 percent over 2017. (Source: PhishMe)
What Can We Do to Protect Our Networks?
With this pretty stark picture of the threat laid out most business owners are asking what can be done. There are several key things that businesses can do to ensure that their networks are as protected as possible from these threats. Our very favorite guidelines were given to us by the FBI. Here are some of the key action items your business can do to protect itself.
- Implement an awareness and training program. Because end users are targets, employees and individuals should be aware of the threat of ransomware and how its delivered.
- Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
- Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
- Manage the use of privileged accounts—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
- Configure access controls, including file, directory, and network share permissions appropriately. If users only need read specific information, they don’t need write-access to those files or directories.
- Disable macro scripts from office files transmitted over e-mail.
- Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).
Business Continuity Efforts
- Back up data regularly and verify the integrity of those backups regularly.
- Secure your backups. Make sure they aren’t connected to the computers and networks they are backing up. Ensure that you also have an offsite copy of all-important data.
You Should Have a Plan
Even when you’re prepared for a threat its still possible to get infected with Ransomware. You can mitigate the damage done considerably by having a plan in place beforehand. This allows your staff to know what steps to take in an emergency and act quickly. Is your company prepared for ransomware?
“If You Fail to Plan, You Plan to Fail.” – Benjamin Franklin
You Don’t Have to Go IT Alone
i.t.NOW stands ready to help. We work tirelessly to protect our client’s data from disaster such as Ransomware. We ensure that the proper solutions are put in place to prevent ransomware from ever infecting our clients. We also are fastidious about the backup solutions we use, so that even in the case a bad actor managed to bypass all our defenses we would be able to recover data without extensive downtime or a costly ransom payment.
We offer free consultations for your business and can offer straight talk about where you’re currently at in your defense of ransomware. If gaps in your current solution are identified, we can help close them. Call us today for a free consultation.