Tolar Systems Blog
Cryptoviruses and Ransomware: Defending Against a Hidden Enemy
If you're wondering whether your business is at risk of a cyberattack using cryptoviruses or ransomware, you're not alone and you're right to be concerned. Your company’s data and computer systems are one of your most important assets. What would you do if your company’s IT system was the victim of a cybercrime or cyberattack?
We all like to we're safe from criminals that want to use tactics like cryptoviruses or ransomware to attack our business. But the reality is, every company needs to understand these threats and be prepared in case of cyberattack.
Cryptoviruses and Ransomware: Breaking It Down
Cryptoviruses, also known as cryptolockers or ransomware, are the most common attack method that cyber criminals use to attack businesses. Cryptoviruses are malicious software programs that are designed to encrypt or code any computer files that they come into contact with using an unbreakable “key” that is only known to the cyber criminal.
After the ransomware has encrypted your files, it drops new files into each folder with instructions for you on how to decrypt your files. Typically, the instructions require the user to wire money, usually a cryptocurrency, to the cyber criminal—a ransom for your files. In return for your money, the cyber criminal will decrypt your files, if you’re lucky.
Cryptoviruses are designed to run in the background of your computer so you don’t even notice them. You won’t notice your computer running slower than usual. Your computer could be infiltrated with ransomware, but you won’t know it for several days before it finally shows itself. In most instances, the only reason a victim realizes they’ve been cyberattacked is because they tried opening a file and found it encrypted. Cryptoviruses and ransomware can attack anyone’s computer and are not protected through firewalls and antivirus programs.
Today’s cryptoviruses are very sophisticated. They include network discovery capabilities, meaning they can search the network and infect other devices, even if no user comes in direct contact with them, including local copies of data backups.
It Can & Will Happen to Your Company
A company is cyberattacked using ransomware every 40 seconds. That means that thousands of companies are dealing with cryptoviruses each and every day. Some industries may be bigger targets for cybercriminals than others, but no industry is immune to cyber criminals’ reach, and companies of all sizes are vulnerable.
A cyberattack can cost your company in many ways: your files, money, data and valuable downtime. Ninety-six percent of infected businesses lost access to their data for at least one day. Seventy-two percent of infected businesses lost access for two days or more when attacked by a cryptovirus. Imperva survey results indicated that each day without access can result in $5,000 to $20,000 in lost business and damages due to downtime. Can your business afford that?
Ransomware is everywhere. In the first half of 2017, Internet security company Symantec blocked more than 319,000 ransomware infections. And simply paying the ransom doesn’t guarantee you’ll get your files back—20% of businesses that do pay ransom never get their files.
What’s the Business Impact?
Cryptoviruses can cripple your business, from a technological standpoint. They can block access to your email or files or make your customer data vulnerable, putting your business at risk of losing credibility and trust with your customers. Many small businesses pay the ultimate price after being the victim of a cyberattack, and go out of business altogether.
In addition, your company could face negative media exposure or even civil or criminal culpability—all as the result of a ransomware attack.
You may be thinking, But I’m the victim! Shouldn’t the cybercriminal be the one punished, and not me? While that would be the fair result, not even a court of law can protect your business from cyberattacks. There is doubt in the courts that a custodian of your files can swear, under oath, that encrypted files were never altered, replaced, or disseminated because there’s no legal way to ensure they were safe, because you were not in control of your files. That would be catastrophic to any business owner.
The Best Defenses
The best defense against cryptoviruses is a good offense. Be proactive and implement best practices such as the use of firewalls, antivirus software, update software patches regularly and monitor to prevent network intrusion.
In addition, one of the best ways to protect your business against these types of cyberattacks is off-site data backup. This will ensure that even if hackers are able to launch a ransomware attack, you'll have access to an unencrypted file and not be forced to pay the ransom. You can use also use on-site backup, but those could also be encrypted; same goes for using an external drive.
Off-site data backup procedures should be done by a cloud hosting provider in compliance with the FBI's Criminal Justice Information Servies (CJIS) security policies. These policies recommend keeping an original file at a secure, remote location. Most backup software also includes file versioning. This process backs up every file, every time changes are made. If your computer is encrypted with ransomware, you can get the last clean version before it was encrypted.
If you’re thinking all of this is a little overwhelming, don’t worry. Tolar Systems can help. We provide a Complete Care service package, which can help protect your business against cyberattacks through:
- Proactive maintenance and care—Network monitoring that thwarts hackers.
- Guaranteed response time—When problems do arise, a guaranteed rapid response and restoration of your devices, applications and critical business systems.
- Network security—24/7/365 network monitoring and filtering to prevent cyberattacks.
For more information on protecting your business from cryptoviruses, contact Tolar Systems today.