Posted by: Heather Shy on June 10, 2016 at 11:22 am
If it feels like we’re talking about ransomware a lot lately, well, we are. One of the reasons is that we’re hearing a lot more about it in the security community. And some of the headlines would terrify any business owner:
- Health Center Paid 68 Bitcoins (40K) To Get 250 Machines Back.
- University Pays Hackers 20,000 Dollars To Get Back Its Infected Files.
- Hackers Hold A School District Hostage For Almost 10,000 Dollars.
- Companies Are Stockpiling Bitcoin In Case They Get Infected With Ransomware.
(Headlines compiled by our friends at KnowBe4.)
So why is ransomware big news all of a sudden?
Malwarebytes.com took a good look at the history of ransomware in a recent blog post. (It’s an excellent “longread” if you’re interested in this stuff.)
They cited a Symantec study that tracked the rampant growth of this threat. From 2005 to 2014, there were about 16 known types of ransomware. In 2015 alone, there were 27. For 2016, there were 15 types discovered in Q1. Already. So, if you’d like to speculate and project a little, we’re looking at about 60 different kinds of ransomware by the end of 2016, at least.
Why? Malwarebytes concluded:
Ransomware has become the most frequently used form of malware attack due to its being plentiful in the underground, easy to use and incredibly effective at extorting large amounts of money from victims.
Among the more interesting and unnerving facts in the Malwarebytes post is the existence of Ransomware as a Service. (Yes, they really use the “RaaS” naming convention, just like legitimate computer services.) One company advertises their affiliate program that generously shares 50% of the profits from the scams they perpetrate on your behalf. Nice.
How to Protect Your Business From Ransomware
We’ve discussed this before, and Malwarebytes backs us up. To summarize:
- Don’t open email attachments that you weren’t expecting. (Malicious spam.)
- Avoid shady web sites. (Self-explanatory.)
- Keep your browsers and plug-ins up-to-date. (Internet Explorer, Firefox, Java, Silverlight; avoid Flash if possible.)
- Use an ad blocker (helps protect against malicious ads from hacked ad servers, a.k.a. “malvertising”).
- We’ll add: It’s absolutely critical to make sure your backups are configured and running properly. A valid recent backup is your best way to avoid paying the ransom if you get hit.
What to Do if You Get Hit by Ransomware
- Call TAZ Networks immediately. (After hours? Put in a critical-level ticket.)
- Do NOT connect your computer to any other device or network drive. Turn it off and unplug it.
- Shut off any auto-backups.
- Don’t pay the ransom! (Paying does not guarantee you’ll get your access back, AND it funds more criminal activity.)
What questions do you have about network security and how to protect your business?