How to WIN the ransom wars: Avoiding ransomware and the damage they cause a business.

Day-to-day businesses continue to increase their reliance on the internet. This means the potential for a cyber-attack, system compromise or loss of data is also continuing to increase.  

If your business is running a website, using email, or doing anything that requires the internet, then you need to make sure everything is as safe as it can be from something like ransomware. 

What is Ransomware 

Ransomware is a type of malware which handicaps computer functionality and takes control over your data. Ransomware (like CryptoWall or CryptoLocker), compromises and encrypts your data so a ransom demand can be issued in order to restore it. Ransomware attacks can be surprisingly organised and catastrophic. The WannaCry ransomware is one that is so widespread it is affecting 125,000 organisations across 150 countries. 

The Petya ransomware is another one that has affected many companies. It works the same as other ransomware; pay the ransom that is demanded or lose your files, but rather than use a virus to encrypt files one by one, this ransomware will target your entire hard drive.  

And of course, paying the ransom fee does not guarantee ransomware removal, which can lay dormant ready for another attack in the future. Profits from these activities are very lucrative for cybercriminals and it’s quite easy for them when there are businesses out there that are not properly protected. 

Are you one of these businesses? 

Why This Should Matter to You 

Maybe you don’t believe your business could be a target? Well... 

• 43% of all cybercrime targets are small businesses 
• 59% of Australian organisations have a cyber breach every month 
• 80% of hacking-related data breaches involve weak or stolen passwords 

• A rising number of crypto virus attacks are happening daily, as much as 4,000 attacks each day 

You may have thought the primary targets are large corporations but there has been a recent change. Even though it is a bigger gamble, in order to get a quicker win, it now seems the ransomware operators have learnt to price point their ransoms closer to a value that makes it more appealing to pay. With more frequent ransoms in the range of $4000 - $12,000, it seems they have begun to predominantly target small businesses who are less likely to have strong protection and be more willing to pay.  

Another disturbing development in recent years is the establishment of ransomware as a service. Disgruntled staff, customers or other perpetrators can buy ransomware off the dark web, inject it into a company and get a profit from it. The hacker takes a fee off the top of the total ransom for providing the ‘service’.  

Anyone can be a target.  

It’s easy to underestimate just how big of an impact this could have on your business.  

Don’t fall into that trap.  

Ask yourself these questions:  

1. What would happen if you encountered a crypto virus and your data was compromised right now?  

1. Is your data backed up in multiple places? 

1. How long will the recovery process take?  

1. Do you even have a recovery process in place in the event of a disaster like this?  

1. Is your business prepared to function during the downtime?  

If these questions are just creating more questions, then it’s time to really think about finding the right answers and protecting your business. Just imagine losing access to your data and having to pay a ransom of hundreds or maybe thousands of dollars for the ransomware removal. 

What if it happens 

With the Notifiable Data Breaches scheme (NBD) that applied from February 2018, Australian laws require you to report these types of incidents if your business has an annual turnover of $3 million or more.  

Ensuring you have backups should be your main priority. Making sure those backups work with regular testing and understanding how long the restoration process will take is the next vital step. 

You should never be in the vulnerable position of paying the ransom under any circumstances because there is no guarantee that will fix anything and could make you weaker in the future. Let’s think of the worst-case scenario that can happen though, which is you paying the ransom but still not getting your data back.  

What then?  

Your business will suffer from: 

• Loss of revenue 

• Loss of reputation  
• Damage to equipment  
• Significant down time 
• Expensive recovery processes 

A cyber-attack can destroy your reputation and your bottom line. On top of the litigation fees and lost revenue, you can also see an increase in insurance premiums, fines and other unexpected costs. Keep in mind that cyber insurance policies are getting stricter on businesses who do not adequately protect themselves, so the payouts are only going to get tougher. A crypto virus can set you back a long way, you may even need to start from scratch if you are not prepared for it, and it can create a PR nightmare that will lose you current and future customers.  

How You Can Protect Your Business 

The best ransomware protection is prevention and preparation.  

The following steps can be taken now to reduce the risk of your business being impacted in these ways: 

• Make an effort to stay informed, be smart and safe online 
• Have a business continuity plan in place. Learn about Business Continuity and Disaster Recovery 

• Use anti-virus software and maintain a strong firewall. Learn about Advanced Firewall Maintenance 
• Have anti-virus and basic security software in place. Learn about Security 
• Create and maintain regular backups of any business files  
• Don’t click on links, messages or attachments from people and groups that seem suspicious or you don’t know 
• Use strong passwords  

• Regularly update your software