Ransomware attacks continue to plague businesses of all sizes, including tiny firms, possibly costing U.S. business $100 billion this year. Healthcare firms and even religious organizations have been targeted. Students are also a prime target. While individuals are targeted too, most hackers go where the money is.
The official definition of ransomware: a type of malicious software from cryptovirology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid.
The ransom fees sought range from $200 to $10,000 for individuals. But for businesses, the ransom fees can run $50,000 or more.
The American Bankers Association offers this helpful advice for small businesses.
Business Ransomware Advice
Educate Your Employees
Employees can serve as a first line of defense to combat online threats and can actively help stop malware from infiltrating the organization’s system. A strong security program paired with employee education about the warning signs, safe practices, and responses aids tremendously in preventing these threats.
Manage the Use of Privileged Accounts
Restrict users’ ability to install and run software applications on network devices, in an effort to limit your network’s exposure to malware.
Employ a Data Backup and Recovery Plan for All Critical Information
Backups are essential for lessening the impact of potential malware threats. Store the data in a separate device or offline in order to access it in the event of a ransomware attack.
Make Sure All Business Devices are Up to Date
Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans so your operating systems operate efficiently.
Call immediately to report a ransomware event and request assistance.
Personal Ransomware Advice
Spear Phishing Emails
The sender appears to be someone you may know or someone relevant to your business. The message is often personalized, and may include your name or a reference to a recent transaction.
Advertisements or Pop-Up Windows
Your computer freezes, and a pop-up message appears. The message may threaten a loss of your files or information, or may also tell you your files have been encrypted.
Ransomware is also present in downloadable games or file-sharing applications.
Always back up your files and save them offline or in the cloud.
Always use antivirus software and a firewall. Be sure they are set to update automatically.
Enable pop-up blockers.
Be cautious when opening emails or attachments you don’t recognize, even if the message comes from someone in your contact list.
Only download software from sites you know and trust.
Alert your local law enforcement agency as soon as you encounter a potential attack.
The Hollywood Presbyterian Medical Center paid a ransom of 40 Bitcoins ($17,000 at the time) after they were hit by a ransomware attack that knocked the hospital’s network offline.
MedStar Health was hit with ransomware and asked to pay 45 Bitcoins ($19,000 at the time) but reportedly the health company was able to bring their systems online without paying the ransom.
The University of Calgary paid $20,000 CDN ($16,129 USD) after ransomware crippled multiple systems.
FedEx attributed a $300 million loss in its 2017 earnings report to the NotPetya ransomware attack. The company reportedly did not have cybersecurity insurance. NotPetya’s losses could exceed $1 billion.
A Massachusetts school district paid $10,000 in Bitcoin after a ransomware attack in April 2018.
After getting hit by the SamSam ransomware in March 2018, Atlanta, Georgia, has spent more than $5 million rebuilding its computer network, including spending nearly $3 million hiring emergency consultants and crisis managers.