Security experts say ransomware looms as one of the top cybersecurity threats in 2018 — and for good reason. Last year, these incidents accelerated exponentially, with mobile ransomware attacks rising 250 percent during the first quarter of 2017 compared to quarter four of 2016.
This trend will continue to gain steam in 2018, with MIT forecasting that hackers will target cloud providers such as Amazon. But while large companies like Amazon have greater resources to defend themselves, smaller businesses without such deep pockets will face the greatest risks. In particular, cybercriminals are broadening their attacks from Windows computers to other devices so that no platform is safe from ransomware threats.
While anyone can be targeted by a ransomware attack, there are steps you can take to reduce the risk. Here’s a look at how ransomware attacks work, how you can protect your business and what you can do to recover in the event you are attacked.
Explaining How Ransomware Attacks Work
So how do ransomware attacks occur? Experts say it’s similar to the way malware can infiltrate systems, but with a twist that hijacks your computer and holds it hostage. Like other malware, ransomware gets on your computer by tricking you into accepting an infected file and then runs in the background without your knowledge. But unlike other malware that steals information, ransomware executes a code that locks your machine so that you can’t use it and then posts a message demanding payment to unlock your system.
Ransomware can get on your system through three main attack methods. The most common is sending you an email with an infected attachment and tricking you into opening the email and attachment. Another method is tricking you into clicking on a link to an infected website or popup ad. A third, less common method involves unscrupulous people leaving an infected USB stick near a business center parking lot in the hopes an employee will pick it up and start using it.
The worst forms of ransomware encrypt your data so that you can’t use your computer unless you pay the ransom to get an unlock code. Typically, if you don’t pay for the unlock code within a set period of time, the ransom fee doubles; then, if you still haven’t paid before the deadline expires, your data gets deleted. Other forms of ransomware, known as scareware, don’t actually encrypt your data, but rather attempt to scare you into thinking they do so that you pay the attacker anyway.
Ransomware attackers usually demand payment in untraceable electronic forms of currency, such as Bitcoin. Paying these fees is no guarantee you’ll regain access to your data. In fact, once you pay, criminals may regard you as an easy victim and target you again in the future.
Preventing Ransomware Hacks
To protect your business against ransomware hacks, there are some essential steps you should take immediately. Your first line of defense is installing an up-to-date antivirus program that runs in real-time on your computer in order to immediately detect and neutralize known ransomware threats. It’s also important to educate yourself and your employees to avoid opening suspicious emails, visiting unsecure websites, or using discarded USB sticks that may contain ransomware.
In the event ransomware does get on your system, another important step to follow is to keep your operating systems and apps updated. Most successful ransomware attacks target vulnerabilities in outdated software, so keeping your software current can thwart many attacks.
Finally, as insurance against a successful ransomware attack, it’s vital to keep your data backed up so that you can recover it without having to pay the ransom. The best way to do this is to schedule automated cloud backups with a secure provider like Mozy, which uses military-grade encryption to protect your backups from hackers.
Recovering from Ransomware Incidents
If, despite your precautions, your business does fall victim to a ransomware attack, don’t pay the ransom; after all, you may not get your data restored — and you’ll only invite future repeat attacks.
Instead, restore your data from your backups, which is the fastest way to recover from a ransomware attack. In most cases, you should be able to restore your data and get up and running again within 33 hours, according to Vanson Bourne. This isn’t nearly as much of a hassle as being down for weeks or not being able to recover your data at all because you didn’t back it up.
Now, if you got hit before you had a chance to back up your data, all is not necessarily lost. In some cases, companies have been able to successfully recover their data due to flaws in the hacker’s attack method. But your best bet is to have backups available in the event you can’t recover your data.
Bear in mind that just because you take preventive measures against a ransomware attack now, it doesn’t guarantee you’re immune to potential attacks in the future. Staying secure against ransomware threats requires ongoing attention to detail and running continuous backups.
Ransomware attacks can easily worm their way into your system by tricking you into opening a suspicious email, clicking on an infected link, or using an infected USB stick. Fortunately, you can prevent ransomware attacks by avoiding these sources of infection, running an up-to-date real-time antivirus program, keeping your operating systems and apps updated, and backing up your data. Scheduling automated data backups is the best way to recover your data if you do fall victim to an attack.
About the Author:
Roy Rasmussen, coauthor of Publishing for Publicity, is a freelance writer who helps select clients write quality content to reach business and technology audiences. His clients have included Fortune 500 companies and bestselling authors. His most recent projects include books on cloud computing, small business management, sales, business coaching, social media marketing, and career planning.