2016 could be the year of ransomware, and companies need to be prepared to face this malware threat. According to a recent report from Intel Corp’s McAfee Labs, the number of ransomware attacks is expected to grow in 2016, and that could create costly problems for SMBs.
Ransomware is a type of malware that allows a hacker to encrypt files on an infected computer and then demand a ransom be paid in order to decrypt the data. Often, users have no other option than to pay the ransom, which can range anywhere from $200 to $10,000. According to the FBI’s Internet Crime Complaint Center, victims of CryptoWall – one of the most prevalent forms of ransomware – reported more than $18 million in losses between April 2014 and June 2015.
Small businesses are particularly vulnerable to ransomware. According to the Verizon 2015 Data Breach Investigations Report, 23 percent of SMBs that receive phishing emails open them, and 11 percent click on the attachment. That’s why it’s critical for MSPs to educate their small business customers about ransomware and stay up to date on the latest threats.
Here are four points that are important for businesses to keep in mind about ransomware.
1. Users are the final line of defense
Even if you have all the right technical safeguards (such as antivirus software, spam filters and firewalls) in place on a customer’s system, they can still fall victim to ransomware. All it takes is one person who unwittingly clicks on a suspicious link or opens the wrong attachment, and a whole system could be infected.
To help combat this, you need to teach users about what ransomware is, how it can hurt their business and the warning signs they should watch out for. For example, CryptoWall is often spread using files named HELP_DECRYPT in .txt, .html, .url and .png file formats.
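As an added example (not part of the original article), the Python script below sweeps a folder tree for the HELP_DECRYPT file names in the four formats listed above and reports which directories contain them, most affected first. The function names and the sample folder layout are constructed for illustration.

```python
import os
import tempfile
from collections import Counter

# Indicator taken from the article: files named HELP_DECRYPT in these formats.
NOTE_STEM = "help_decrypt"
NOTE_EXTS = {".txt", ".html", ".url", ".png"}


def is_indicator(filename):
    """True if the name is HELP_DECRYPT.<listed extension>, ignoring case."""
    stem, ext = os.path.splitext(filename)
    return stem.lower() == NOTE_STEM and ext.lower() in NOTE_EXTS


def scan(root):
    """Walk root and return {directory: number of indicator files found}."""
    hits = Counter()
    # onerror ignores unreadable directories so one denied folder
    # does not abort the sweep of a whole share.
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            if is_indicator(name):
                hits[dirpath] += 1
    return dict(hits)


def report(hits):
    """Return (directory, count) pairs, most affected directory first."""
    return sorted(hits.items(), key=lambda kv: (-kv[1], kv[0]))


def build_sample_tree(root):
    """Constructed sample data: two affected folders and one clean folder."""
    layout = {
        "Documents": ["budget.xlsx", "HELP_DECRYPT.TXT",
                      "help_decrypt.html", "HELP_DECRYPT.PNG"],
        "Pictures": ["holiday.png", "HELP_DECRYPT.url"],
        "Clean": ["notes.txt", "HELP_DECRYPT_guide.pdf"],  # near miss, no hit
    }
    for folder, names in layout.items():
        os.makedirs(os.path.join(root, folder))
        for name in names:
            open(os.path.join(root, folder, name), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as sample_root:
        build_sample_tree(sample_root)
        for directory, count in report(scan(sample_root)):
            print(f"{count:3d}  {directory}")
```

Pointed at a user profile or file share instead of the sample tree, any directory it lists is a reason to isolate the machine and check the backups for that location.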
2. Seeing is believing
One of the most effective ways to teach your users about ransomware is to show them real examples so they know what an infected email looks like. You can find a number of helpful online quizzes, such as this one from McAfee, that provide a variety of examples and explanations about how to tell the difference.
After a computer is infected with ransomware, a message will be displayed alerting the users and providing instructions on how to pay the ransom. You should show your employees some examples of what these screens look like so they can let you know immediately if they do fall victim to ransomware.
3. Backup supports faster recovery
If a user is hit with ransomware, having a recent backup will make it easy for you to restore their operations as quickly and painlessly as possible, saving time and money for both you and your customer. For that reason, having a backup solution in place and regularly testing backups to make sure they’re running properly is a critical part of protecting your business from ransomware. If a user doesn’t have access to a recent backup, your company will likely have no choice but to pay the ransom.
4. Ransomware is always evolving
Malware developers are constantly introducing new and improved ransomware strains, creating new challenges for companies. For example, CryptoWall 4.0 was unleashed in November, adding twists such as encrypting filenames as well as the files themselves, making it nearly impossible to tell files apart. To stay up to date on the latest ransomware news and threats, follow sites such as Bleeping Computer or the Microsoft Malware Protection Center. Or leave it to your current IT vendors to stay on top of these threats and resources. Any IT vendor worth their salt should already be a regular visitor to these sites.
At CAM we provide preventative and support solutions for ransomware. We have seen various variants of these bugs and are experienced in dealing with them. Never negotiate with terrorists, and ransomware coders are terrorists to businesses and individuals.