Navigant's Cyber Risk and Information Security PracticeLearn More

Blog

Ransomware05 January 2017

By
IT Security, Policy Development, Risk Management

Over the past several years, there has been a dramatic increase in viruses and malware that affect computers and network devices worldwide.  It often happens when a user opens and downloads an unknown file that appears to be legitimate, but actually contains a virus that can disrupt computer and network operations. Businesses lose billions of dollars due to damages caused by various malicious files that are accidentally opened by users.  A major type of malware that organizations are facing today is ransomware.

Ransomware is an ongoing threat to organizations that use the internet to store and share information with one another. Ransomware is spread through a variety of methods that includes unsuspecting users visiting compromised websites that automatically download the malicious file on to their computer. Another method is through email attachments that will deliver the payload once the user downloads a file.  After the malicious file enters the computer or network, the payload will prevent the user from accessing their computers and servers by locking the system and preventing access to files by the use of encryption. Once they pay the hackers a sum of money, typically bitcoin, they will receive a decryption key to unlock their files.  There will be instructions on the victim’s screen that will state the amount of money that needs to be paid and how long they have until the hackers completely wipe the system.  A word of warning: there is no guarantee that a hacker will send the decryption key after being paid.

There are several ways to reduce the chances of being a victim of a ransomware.  The following steps will help to protect your systems from ransomware:

  • Keep your systems up to date with the latest security patches.
  • Install well known anti-virus software.
  • Do not open unknown emails.
  • Do not download programs from untrusted sources.

The most beneficial way to obtain your data after falling victim to ransomware is to restore your files from back up.  Companies often neglect to realize that backing up files will save time and mitigate data loss.  a lot of originations do not see backing up files as a critical priority to recover from disaster.  If businesses were more concerned with backing up their data on a regular basis, then when they fall victim to a ransomware attack, they can quickly restore their information with minimal loss.

A company may think that a ransomware attack will not occur on their network infrastructure because a hacker may not be interested in what the company does, wrong!  Hackers often go after any company that does online business.  No users or companies are immune to ransomware attacks. Every organization should take ransomware seriously and be proactive in making sure that they use best practices when using the internet.  The following are several reasons why any company could be targeted for ransomware:

  • Hackers are after the revenue companies earn.
  • Network devices, including computers, have vulnerabilities that can be exploited.
  • Users are prone to social engineering attacks.
  • Ransomware can affect company servers, computers, and cloud storage.
  • Companies are fearful of having to report IT security breaches and face legal issues so they would rather pay the attackers for the decryption key.

It is crucial that business have well written policies, such as an acceptable use or email policy, that users are to follow to ensure that they do not download or open unknown emails that contain malware that will allow the ransomware to run on the network.  Also, companies should review all policies related to internet usage on a yearly basis to make sure they are up to date.  In addition, companies should conduct seminars to educate employees and review internet usage policies that discuss the latest cybersecurity threats.

If you would like to learn more about ransomware or policies applicable to your organization, please CONTACT COMPASS.

Work With Us Learn How