Beware of Ransomware

April 29, 2016

Anyone with data, from individual mobile device users to major institutions, can fall victim to the ransomware shakedown. The LA Times is calling 2016 the “year of ransomware”, an ominous era when cyber criminals are employing old-school mob tactics to extort organizations by holding data hostage. What can be done to protect your business from paying money to criminals restricting information that is rightfully yours?
What is ransomware?
This form of malicious software infiltrates and encrypts an organization’s data, effectively holding it hostage until a mandatory sum is paid. Usually, this malware enters organizations through an infected email attachment or a hacked website, passes through cybersecurity measures in a dormant state and awakens to wreak havoc on network systems.

Why ransomware?
The ability to make money without actually stealing anything is appealing to cyber criminals. In other forms of digital breaking and entering, the stolen data must appeal to potential buyers. With ransomware, the encrypted data can be worthless to anyone outside of the organization, and a hacker can still come away with a profit.

To get victims to pay up, hackers tend to ask for ransoms in relatively small amounts — in the hundreds and thousands, not millions. The lesser amounts are often seen as more of a nuisance by the victims and usually paid without much resistance; the same way paying the neighborhood tough guy not to break your shop’s windows was just another local tax. Because of the general ease of cyber extortion, the practice is becoming much more prevalent.

Who is at risk?
Because hackers, like any criminal, target the vulnerable, any organization that keeps their data in one central location is at risk. Hospitals and government entities with outdated infrastructure have been particularly targeted.

What are the effects?
Digital racketeers strong-arm victims of ransomware into paying money for data the victim already owns. When an organization is hacked, the aggressors effectively shut down your systems. The fastest way to get up and running again is to surrender to the demands of the hostage-takers and fork over the money to reclaim the critical information that the organization requires to function.

The costs of ransomware attacks don’t end with the ransom payment. The real cost comes from the downtime caused by the encrypted files. With the average cost of downtime across industries at $5,600 per minute, the ransom itself can seem to be an insignificant sum in comparison to the costs incurred in a lengthy standoff.

Earlier this year, a California Medical Center opted to pay $17,000 ransom to hackers after two weeks under cyber siege. During that fortnight without data, the organization reverted to paper records and diverted emergency patients to other area facilities.

In addition to the direct costs, the negative publicity can have a detrimental effect on organizations, diminishing consumer trust over perceived lack of cybersecurity measures.

So, how do you protect your organization from being the next victim?
Like anything else, the best protection is to minimize your vulnerability. One way is to back up your data off premises. Backed-up data enables you to effectively “ignore the hostage” by letting the hackers keep your data locked because you have a copy. Cloud storage offers an effective means of data redundancy to minimize the effects of a ransomware attack. If your organization is attacked, you have the option of wiping the system clean and starting over by restoring cloud data.

But, that restoration process can add to the cost in the form of downtime. Having a disaster recovery plan is another essential strategy to restoring operations as soon as possible. Proactive implementation of a cloud disaster recovery solution is a critical step to maximizing uptime even in the event of a malicious attack.

Back up your data and create your disaster recovery strategy to keep your organization running as cyber threats continue to evolve.