the winxnet blog Blog Header Image

The Rise of Ransomware: 3 Key Points

Posted on 4/13/2015 2:46:30 PM by Dr. Eugene Slobodzian
Category: Security & Compliance

winxnet IT security

There was more disturbing news this weekend, this time taking place in Winxnet’s home state of Maine. A computer virus infected the central server for a local law enforcement branch, holding their data hostage until they paid a ransom of $300. This crime was the work of a virus, not a “hack” in the sense of the word as we know it. There was no human actively manipulating their system on the other end. Instead, this was a pre-calculated and automated compromise that could happen to any business of any size. Small and medium-sized organizations are especially ripe targets, as their electronic data is often vital to their business operations. Unfortunately, criminals have figured out that even if this data has no direct value to the attacker (like credit card numbers), it must have value to the business. I have consulted organizations after being struck with ransomware, and without adequate backups, the most cost-effective solution is to pay the ransom, and hope that they can in fact get their information back. It appears that these attacks are on the rise and they hit closer and closer to home.  Here are three key points to consider when working to protect your information:

  1. Education and Training. Most compromises start with a wrong click of a mouse. While healthy IT environments and policies are vital pieces, be sure that your IT provider and staff takes the time to remain educated about the threats. Security awareness is a cornerstone of success.  An ounce of prevention is worth a pound of cure, and this has never been more true with information security today.
  1. Backups, Backups, Backups. Just because you think your data is getting backed up, it does not mean it’s true. Take some time to assure that backups send completion notices, and, most importantly, practice test restores periodically. These controls are important for a variety of reasons, not just because of criminal activity. Unforeseen disasters of all kinds can steal data and disrupt normal business activity. However, if you have all of your information backed up in a redundant and safe place, these disasters don’t have to spell “closed for business”. A strong IT provider will be able to offer your viable options, as well as reporting to prove that the solution is taking place. Also, make sure you interrupt your automatic backup process if the data becomes compromised with ransomware to prevent overwriting the good files with the bad.
  1. Stricter controls. The notion that one bad user click can spell disaster for the whole organization should be a thing of the past. There are a number of inexpensive controls that will allow your company to run securely. These include web content filtering, intrusion detection and prevention, multi-layer virus protection. Your IT or information security provider can help you choose the right controls for the type of data you are protecting and your budget.

Compromises do and will happen, and hind sight is always 20/20. A crime like this can happen to any person or any organization. The majority of cybercrime is not targeted, but opportunistic, and it is important to remember that it just doesn’t happen to “other people”. We are all targets.  With the pros of increased availability and value of our electronic data also come the con of increased risk. If you are worried that your training, IT environment or security controls are not where they need to be in order to protect the life blood of your organization—your data—then it’s time for a conversation.