Home » Blogs » Ransomware 101: What You Need to Protect Your Business

You’ve heard about ransomware attacks on the news… They’ve targeted some of the world’s largest companies and institutions. They have odd, sinister sounding names like “WannaCry” and “Petya.” Ransomware attacks cost companies thousands – if not millions – of dollars.

But despite how widespread these attacks have been in recent years, the issue of ransomware remains rather mysterious to most people. Obviously, the criminals behind ransomware attacks don’t want to draw too much attention to themselves. But the victims of the attacks also want to stay out of the spotlight in most cases. Why is that?

  • They don’t want the public to think that their data has been compromised
  • They don’t want shareholders, competitors, or customers to know they’ve taken a hit
  • They don’t want to reveal their vulnerabilities to other hackers

This makes it difficult for many people to fully appreciate the scale and immediacy of the threat posed by ransomware. It can lull businesses – especially smaller ones – into a false sense of security. It makes ransomware seem like something that happens to other people, other businesses. 

In fact, ransomware can strike anyone. And if you’ve done nothing to prevent an attack, you’re a sitting duck.

The good news is that there are steps you can take to prevent an attack. You can also have a plan in place that prepares you to respond to an attack if one occurs. This article will answer everything you need to know about ransomware and the steps your business should take to be ready.


What is Ransomware?

Let’s start with the basics. Ransomware is a virus that infects your computer or mobile device. It encrypts your files and locks you out so that you can’t open anything. Ransomware may lock you out of your entire operating system so that you can’t even boot up.

Once the encryption is in place and you’re locked out, you’ll get a message demanding payment – literally a ransom – to regain access. Typically, payment will be demanded within 24 hours, after which the amount of the ransom will continue to escalate significantly. The ransom message will require payment to be made in Bitcoin, which (if the program creator is thoughtful enough) can be extremely difficult to trace. These transactions can be devised to be so complex as to seem untraceable.

Theoretically, once you’ve made the payment, the hacker will send you a decryption code that will unlock your files. But – surprise, surprise – criminals don’t always live up to their word. So even if you pay the ransom, you may not get your files unlocked. Which means…

Don’t pay the ransom demand if your business is attacked by ransomware! Ever!

It probably won’t get your files back, and you’ll just be funding a criminal enterprise. Instead, call in IT experts like BDK to help restore as much of your data as possible. It’s better to invest your money in IT experts to fix the issue rather than spending it trying to regain access to your system. Paying the ransom also doesn’t do anything to protect you from future attacks. In fact, once you’ve paid, you’ve established yourself as a good target for future attacks.

You will be much better off if you bring in an experienced IT or cybersecurity firm to help you out. Not only can they help decrypt and/or restore most (if not all) of your files, they can put measures in place to protect you going forward.


Prime Targets for Ransomware Attacks

The creators of ransomware attacks are savvy, and they often have specific types of targets in mind. These include:

  • Businesses that have multiple employees connected through a network, which allows the attack to spread
  • Business units that are networked with a larger parent company or conglomerate
  • Public institutions, which have often neglected security and technology updates due to budget cuts
  • Anyone who has paid a ransom in the past

These certainly aren’t the only types of organizations that are targeted. Even individuals are vulnerable. But due to their deeper pockets and larger networks, businesses and public institutions need to be particularly concerned about ransomware.


How Ransomware Gets in Your Network

It’s important to understand how easily you can fall victim to ransomware in the first place. Many of the most vicious and widespread versions of ransomware get past antivirus software undetected.

These are the most common ways ransomware infiltrates your network:

  • An employee clicks a malicious links in spam email
  • An employee is redirected from a legitimate website to a malicious one
  • An employee is on a legitimate website, but the site has been attacked with malicious code
  • Your network falls victim to a “drive-by download” (a virus is programmed to find vulnerabilities in your software and take control of a program)
  • An employee clicks on an ad hiding malicious links
  • An employee clicks on a malicious link in a text message (a particular concern for Android devices)

Training employees on these threats and how to avoid them is always a good idea. But keep in mind that ransomware is often very sophisticated. It’s designed to dupe even alert, tech-savvy people into exposing network vulnerabilities.


How to Prevent Ransomware Attacks

An experienced IT firm can put tools and processes in place that will help protect your organization. These include:

  • Regular security updates for all software and hardware
  • Proper browser security settings
  • Minimal and proper use of browser plug-ins, which can be particularly vulnerable to attack
  • Install ad blocker software
  • Install anti-ransomware security tools
  • Implement regular, automatic data backups to the cloud (which is safer than you think)

The last item on this list isn’t as much about preventing an attack as it is ensuring you’re prepared to respond to one. The reality is that ransomware is ever changing, so you’re always vulnerable to attack even if you’ve done everything right. That’s why every organization needs a solid high availability and disaster recovery plan in place before disaster actually strikes.


What to Do if Your Business is a Victim of Ransomware

Again, the first rule of responding to a ransomware attack is don’t pay the ransom!! Trust us, it may seem like an easy and quick fix, but you’re probably throwing your money away and you are certainly inviting more trouble in the future.

If an attack has happened, call your IT or cybersecurity firm immediately. They will try various decryption tools that have been developed to combat ransomware. They will also go through your entire network to make sure every last trace of malicious software and code has been eliminated. Finally, your IT firm will restore your data from offsite backups, significantly minimizing your losses.


We Can Help

We love helping our clients be proactive in their security planning. This truly is a situation where “an ounce of prevention is worth a pound of cure.” If you’d like to explore your options when it comes to preventing ransomware attacks, contact us and we’ll set up some time to chat. 

Add new comment

Filtered HTML

  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd> <br> <p> <img> <pre>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.