Criminals have stolen valuable assets and kidnapped people for ransom for thousands of years. As society became more sophisticated and technologies advanced so did criminals. It isn’t a surprise that the Internet has brought supersized new opportunities for the bad guys. One of the newest opportunities is crypto-ransomware.
Crypto-ransomware became much more prevalent in 2014, but this isn’t the kind of ransomware you may be used to hearing about. Just a few years ago, ransomware relied on tricking computer users with phony warnings like the computer is infected, pay this fee to clean up “viruses” that aren’t really on your computer or scaring the computer user saying he must avoid fines from police for a crime he didn’t commit.
The new form of cyber crime can stop a business instantly by using malware to freeze all the files and documents until a ransom is paid. Symantec’s latest report says it is one of the fastest growing threats to small and mid-sized businesses on the Internet.
Criminals use malware to encrypt the information on the hard drive then hold a victims files, photos and other information on the computer hostage. They demand payment to receive a key to unlock the files. The cost can be steep. It is usually $300 to $500 in bitcoins, enough in U.S. currency to severely harm a small or mid-sized business. Even after the ransom is paid there is no guarantee the files will be de-encrypted.
Symantec in their 2015 Internet Security Threat Report stated ransomware attacks grew 113 percent in 2014, driven by more than a 4,000 percent increase in crypto-ransomware attacks. Ranosmware attacks more than doubled in 2014 from 4.1 million in 2013 to 8.8 million. Crypto-Ransomware expanded from 8,274 in 2013 to 373,342 in 2014. That’s 45 times more crypto-ransomware in the threat landscape within a one-year span dark web bitcoin.
Small and mid-sized businesses should be concerned
Symantec’s report stated 2014 was a year of far-reaching vulnerabilities, faster attacks, files held for ransom, and far more malicious code than in previous years. Nearly one-million new viruses are discovered every day. They say 60 percent of all targeted attacks struck small and mid-sized businesses. Just as alarming, a recent Palo Alto Network study stated that 52% of malware in 2013 focused on evading security making it more difficult to guard against an attack.
It is no wonder small and mid-sized businesses are targeted. They often have fewer resources to invest in security, and many are still not adopting best practices to protect their valuable information. This puts not only the business, but their business partners and customers at higher risk. Every organization, small to large, is vulnerable.
Steps to avoid a crypto-ransomware attack
A criminal must find a way to get into a computer network to provoke an attack. It sounds pretty simple, keep the bad guy out and, generally, you won’t have to deal with these kind of malicious attacks. All of your protection efforts should be focused on keeping thieves away. Here are steps you can take to prevent this kind of attack beyond the standard anti-virus and firewall protection:
- Employee Training – Every business should establish a culture of best practices for information security. Unfortunately, employees can be the weak link in the security chain. Every employee must be trained in the basics of protecting a business from a cyber attack.
- Password Protection – Implement a password protection policy that includes changing passwords every 30 to 90 days and mandates employees don’t use them outside of work. Employees can and do use their login and password information outside of work. Once a criminal gets this information he can use it to gain access to the business.
- Monitor the Dark Web for stolen credentials – This is a step most businesses are missing. Stolen credentials like email login and password often appear in places thieves trade stolen information for weeks, months and, even, years before an attack occurs. Finding this information on the Dark Web and correcting the problem when it appears can prevent an attack from happening.
- Intrusion detection and protection software – Many are heuristic in nature, they anticipate and quarantine suspected viruses and malware that traditional anti-virus protection may miss.
- Back up your files daily – This will allow a business to overcome a crypto-ransomware attack quickly. A professional tech can clean up the network getting rid of the malware and then installing the backed up files. What the criminal is hoping is you aren’t regularly backing up your files and you will have no choice but to pay the ransom.
We live in a rapidly changing world. It is important for a business to keep up, too
Taking preventative measures is a lot less expensive than dealing with crypto-ransomware, data breach or other types of cyber crime. Criminals are constantly finding new and inventive ways to steal your money, employee and customer information, trade secrets and/or just to take the business down. Don’t become a victim. Implement the recommended steps today.