Cybersecurity Insight

Ransomware: What Is It, and How Big of a Threat Is It?

27 Jan

As the snow fell along the East coast this past weekend, I was reminded of the celebrated movie Fargo. Nothing goes to plan as the main character solicits two bumbling crooks to kidnap his wife, hold her for ransom and then collect from his wealthy father in-law; naturally, chaos ensues. The world of computing has a similar feel these days: while it may not be full of snowflakes and sub-zero temperatures, it has plenty of virtual kidnappers.

One way “cyber kidnappers” can take your computer or network hostage is through ransomware, a newer type of cyber attack that infects a computer or computer system with a virus that locks all the files and programs. The only way to unlock the files and read them again is to use a key or code, which is given upon receipt of the ransom payment.

For instance, a cyber criminal will infect a company’s network with a virus that makes applications and files inaccessible, with a note attached to each file detailing how and when the ransom should be paid in order to gain access. This type of attack is covered in an episode of The Good Wife, where the law firm’s computer files are put up for ransom; they pay the ransom and all is well again. However, that’s not always the case in the real world, despite what the FBI and other agencies may suggest. Paying the ransom can just lead to more payment demands, or more viruses. I mean, if you pay once, the criminal can only assume you’ll do it again, right?

How do you fight against ransomware?

Planning, planning, planning. You must have a plan and assume the worst can and will happen; it’s only a matter of time before you’re hit by a crippling cyber attack.

First, make sure you backup your computer and file systems, drives, etc. someplace like the cloud – one that will not be infected or linked to your current computer system. You may even create a full backup to a removable drive of some kind. If you do this consistently it’s actually quite easy to get back up and running from a ransomware attack without too much, if any, damage. Plus, you can avoid paying the hefty ransom – which you certainly don’t want to do.

Secondly, have a disaster recovery plan. If creating the backups is the beginning of the plan, have steps to continue implementation. Who will be responsible for removing the virus and reestablishing the file system? Is it someone in your IT department? Is it a contractor or third party? Always know what which steps to take – this will keep things running smoothly, and most importantly avoids a sense of panic in a tough situation.

Third, don’t think it can’t or won’t happen to you or your business. It could happen to anyone, anywhere, anytime. It is estimated that in 2015 alone ransomware accounted for more than $25M in transferred funds from those infected to those who created the ransomware. That’s a lot of infected computer systems and a lot of people simply paying the ransom, probably more than once.

Planning and taking quick action are the best ways to avoid a serious problem from ransomware. So plan accordingly and take action now to make sure you’re in the clear when disaster tries to strike.