Ransomware is defined as a viral program which will hold a computer's files hostage until the demands of the hacker have been met. Although initially the attacks were focused on individuals, more and more these attacks are being focused on small business owners. According to Datto, "Ransomware netted over $325 million in 2015, and has already made over $200 million in the first half of 2016." There are three type of ransomware, which range from "irritating but fixable" to "Def Con Five, you need to buy a new computer." We'll go through each of them, and what you can do about them.
First up you have Scareware, so called because that's the most it's going to do. These spam your computer with annoying pop ups while you're surfing the web. They claim that your computer has been scanned and found to hold a large amount of malware. But don't worry, they'll fix it for just a small fee! This is a scare. They use the large number (pulled out of thin air) to get you frightened so you'll react first and think later. Most of the time this can be fixed on your own by doing a quick scan of your computer. No muss, no fuss.
Next up are Screen Lockers. These won't show up until the next start up after your computer is infected. They display a lock screen which states that your government has found you to be guilty of committing some sort of cyber crime, and has locked your computer. All is not lost though! They will unlock your computer if you pay them. If you were able to ask anyone in law enforcement about this, they would tell you -- after they finished laughing -- that you cannot pay the government to leave you be if you've been up to something illegal. Also, they won't lock your computer. This one is a more serious threat, but can be cleaned up most often with a system restore.
The third category, and the largest threat, are Crypto Lockers. These are not mere annoyances, but full on threats to your business. They get into your network most often by posing as an email from a trusted source, prompting someone to download an attachment. This then encrypts every file on the computer, if not the entire network, depending on the virus in particular. They then make a simple demand: pay up, or all of the files are lost. This is not something you can recover from easily. Even one day's loss of files can set a business back for months.
So, what can you do?
When it comes to protecting your business from ransomware, you have two things that you should do. The first is to hire someone to build and maintain a custom firewall. This is a much needed piece of security that will help weed out threats. The second is to back up regularly. Backing up your files means that if you do end up being attacked, you could lose only a day's worth of files, instead of six months. Yes, it's still a loss, but it's better than the alternative. The third and most comprehensive, is to deploy a full Business Continuity solution, allowing you to just revert to a point in time just before the attack happened.
If you would like to talk to a professional about protecting your business against ransomware, please contact us today.