The world of cyber security is immense and complex, and a short article like this one is unable to deal with all the dangers that a company’s computer data can be exposed to. That having been said, one type of threat has been topping the news in recent years, which has come to be called: Ransomware.
Ransomware appears as malicious software programs which encrypt data on a given network and take them hostage unless a ransom is paid, often in the form of crypto-currency. Once running, the program encrypts all the data to which it has access and it can self-propagate to the point of paralyzing an entire network. A warning message along with a countdown timer then threatens to erase the data if the ransom is not paid within a given time, often 72 to 100 hours. It should be noted that if the countdown gets to 0 and the data are not erased, then the ransom will increase exponentially.
The extortion amount may vary greatly from one situation to another and can, sometimes, seem insignificant compared to the potential damage, financial or other, that the loss of this information represents. Unfortunately, victims have no assurance that, once the ransom has been paid to the cyber pirates, their data access will be restored. The pirates, at times, do not even have the capacity to decrypt the data.
Simple measures can reduce considerably the danger factor in these malware programs and, if an incident occurs, can result in one’s getting through it relatively unscathed.
In the field of cyber security, the greatest allies to be found are informed and intelligent employees. Ransomware is delivered generally, though not exclusively, through emails with attached files. It may also take the form of pop-ups which present themselves as antivirus software.
An up-to-date licensed and paid antivirus will normally serve to detect and prevent most ransomware programs from being implemented but will never be as effective as not activating such programs in the first place. Blindly trusting a piece of software means, in fact, ignoring a valuable resource: the intelligence of individuals who care about the growth and performance of the business for which they are working.
This being said, It cannot be repeated too often: “Never open an attached file, whatever the type, if you are not absolutely sure where it comes from.” Along the same line, one good cyber habit to adopt involves never connecting devices to your network if you do not know their source (a USB key or a hard disk drive which has just “appeared”…).
The first sign that ransomeware is at work is an unexplained slowdown of your computer followed by the inability to access a growing number of files. At this moment, it is most important to disconnect the device as fast as possible (often physically) from the network. At the same time, resist the temptation to reboot the computer. In fact, there are a very small number of ransomware programs for which decryption solutions are available through specialists in cyber security. Unfortunately, these solutions prove to be useless once the infected system has been restarted.
Once the damage has been done, the last measure to help minimize the impact of ransomware involves retrieving a backup copy of the network data. Of course, it is necessary to have thought of this beforehand. Making regular backups of data on your network and saving them off line, ideally in another physical location, is the safest way to avoid most damage. As well as protecting your company from this threat, backing up data has the added benefit of enabling the recovery of accidentally erased or corrupted files. In this way, if an incident occurs, the losses will be limited and your business can resume activity within a reasonable time. Various backup solutions are available in vastly differing price ranges. It is important to ask yourself how much you can afford to lose when you shop for these and to see backups as an insurance for the future and not an expense. Even if you would prefer never to have to think about it, you will congratulate yourself on your foresight when the occasion arises.
No business is entirely protected from this kind of piracy and even the smallest of companies owe it to themselves to have a plan in case they take a hit. Thankfully, simple measures exist, such as making employees aware, promoting solid cyber health and making regular backups of the network, and they make it possible, if not to totally eliminate the threat, at least to manage it effectively and greatly limit the impact. The next step to take involves consulting an expert in cyber security in order to lay out a strategy, if not already done, which can be communicated to all employees.