I was recently interviewed by Carolyn Heinze for ChannelPro Network magazine on the subject of ransomware. Ransomware is back (if it ever really left) and there are strategies you can use to defeat it. If you do nothing, there will be nothing for you but to pay up.
On October 21st at the Cyber Security Summit in Boston, comments by Joseph Bonavolonta, Assistant Special Agent in Charge of the Cyber and Counterintelligence Program in the FBI’s Boston office caused quite a stir. In a presentation where he was talking about the threat of ransomware, aka the CryptoWall and CryptoLocker exploits, he was reported to have said “The ransomware is that good… To be honest, we often advise people just to pay the ransom.”
Now to be sure the FBI is not advising you to simply pay the ransom, get your encryption key, and recover the files. But what this does say is that your options are severely limited after your data has been encrypted by a cyber-crime gang. They are:
- Restore from backup
- Hire a cybersecurity specialist
- Pay the ransom
And in all honesty, the second option will not recover your files either. So there are really two options.
If you are not backing up your data yet, I can only ask why the heck not! Backup devices, software, and services are widely available and most consumer PCs come with at least two backup systems preinstalled, Windows backup and something else. Most of them are super simple to set up. Business class systems are not that difficult either, and the annual cost of backup is considerably less than the “fee” the cyber-attackers will be asking for.
The official advice from the FBI website is:
- Keep your Internet security software active and updated. This is your first line of defense against crypto-malware.
- Patch your operating system and applications promptly. This means running Windows updates automatically, or at least in a timely manner, and keeping software such as Adobe Reader and Flash and Java updated.
- Watch out for phishing email scams. Avoid opening attachments and clicking on links in emails without first confirming the source and contents.
- Make regular backups, and keep at least one offline. We advise performing a local backup to a backup device and and second backup to a cloud service such as Datto or Carbonite. This protects you from data loss of any type, whether caused by ransomware, flood, fire, loss, theft, or mechanical failure of a hard drive.
Ransomware exploits are popular with cyber-criminal groups because it works very well. Last year U.S. businesses reported over $18 million in losses to the IC3, and those are just reported losses. Actual losses are undoubtedly much higher. If you have been kicking the can of cybersecurity preparedness down the road for the last couple of years, it is time to pick up the can. Call a cybersecurity expert to protect your business from ransomware and the multitude of other exploits that are happening to small businesses just like yours.
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com