Ransomware: a growing problem for small business owners

The recent attacks of the malicious “WannaCrypt” software (also known as “WannaCry”) have led many to consider the damage that Ransomware could do to their businesses.

Hackers use Ransomware/ Malware to access confidential information contained within computer systems, sometimes to simply disrupt operations; sometimes for financial gain.

The last twelve months has seen a significant rise in the use of Ransomware – specifically Cryptolocker or Cryptwall malware. This software is used to essentially kidnap information and demand money from a business before releasing access back to the rightful owners.

The typical method of information hijacking via Cryptolocker goes something like this. The virus is spread through email attachments (usually zip or PDF files). These files then encrypt files PCs and share drives and the business is prevented from accessing them. Often the file owner is presented with a pop up message demanding money within a certain time frame to regain access to their computer files. Bitcoin is demanded as payment to obtain access to the files.

With the increased awareness of the potential harm that Ransomware can cause, larger corporations have been investing heavily in cyber security. Hackers are now switching their attention to small and medium size businesses as they make much easier targets.

Negative Impacts of Ransomware Attacks

Besides the obvious monetary cost, there are some other harmful consequences of being hit by a Ransomware attack.

The loss of data can have a crippling impact upon the business’ operations. Even if you pay the ransom there is no guarantee that you will get full access to all your files. Besides the obvious operational risks, the reputational damage to your brand can be even more severe. Customers and supply chain partners can lose confidence in your brand.

There is also some risk of spreading the infection to suppliers and distributors which not only can affect your business relationships but could have legal implications.

The legal implications are far reaching – the potential damage to customer’s privacy and the disclosure of financial details is a huge risk that could result in major damages being paid out.

Any serious attack and resultant downtime will have some affect upon staff morale, particularly if you have no set recovery procedures in place.

How to Reduce the Risk of Ransomware Attacks

There is no foolproof way to prevent Ransomware attacks. However, there are steps you can take to make you a smaller target rather than an easy mark.

  1. Ensure that all of your staff are aware of the risks of Ransomware.  As a minimum consider training that enforces some key principles to be applied when dealing with email including treating emails from unknown or unlikely sources with suspicion, and taking care when sharing information.
  2. Ensure all your systems and software are regularly updated, taking particular care to maintain all computer security and anti-virus systems. (The “Wannacry” Malware didn’t infect Windows machines that were fully updated).
  3. Back up all data and store it regularly in a different media source. Many businesses find cloud storage a viable and easy to use resource. Cloud storage programs include DropBox, Google Drive and Microsoft One Drive. In some cases following severe attacks, the only files that businesses have been able to recover have been those stored in the cloud.
  4. Use multi-factor authentication to access devices.
  5. Conduct a full IT security audit, utilising either a suitably qualified internal resource or an external expert consultant.

What Action to Take If Attacked By Ransomware

Having your staff aware of the potential dangers of a Ransomware attack is crucial in combating an attack.   If an attack occurs you must take the following steps as soon as possible.

  1. Isolate any infected devices from your computer network to reduce the risk of cross-infection of other devices.
  2. Use your security software to remove the malware from the infected PC.
  3. Restore any lost files from your backup data.
  4. Conduct a thorough review of all other devices to ensure that the infection hasn’t spread throughout your network.
  5. Seek expert advice to ensure your system has not been compromised further and to identify any flaws in your current system.

The threats posed by Ransomware are sure to continue to grow and evolve. Having a process to guard against and reduce the risk of attack is simply a ‘must do’ strategy.

Article by John Semmens Technical Director  John@acaciacs.com.au

Leave a reply

Your email address will not be published. Required fields are marked *