Broker Check

Be Prepared for a Ransomware Attack

Adopt measures to combat infiltration

Cybersecurity remains a prominent concern in the business community. Add this to the growing list: Ransomware. According to recent statistics, ransomware attacks increased 41% in 2019 and caused more than 200,000 businesses to lose access to their files. It is estimated that a business is victimized by a ransomware attack every 14 seconds—or sooner.

Ransomware is malware designed to prevent you from accessing your computer files until you agree to meet the attacker’s demands, In other words, your computer system is held for ransom. Initially, ransomware perpetrators targeted mostly individuals, but the main focus has lately shifted to attacks against the business sector.  Currently, criminals often request payment in cryptotocurrency, such as Bitcoin. No matter what size or industry, no business is immune.

How does ransomware infect your computer? Typically, someone in your office, or a remote worker who has access to your system, receives an email designed to look like it comes from a reputable business source or a well-known friend or family member. The email seems harmless enough on its face, but it may be booby-trapped with an attachment—like a Word file or a pdf—or a link.

Once you open the attachment or click on the link, the ransomware does the dirty work.  Then you are at the mercy of the cyber crooks. To add to the threat, the criminals often pose as law enforcement officials or representatives of the IRS, FBI or other agencies to coerce you into paying up.

A similar strain of ransomware involves “malvertising.” As the name implies, this is malicious advertising that can infiltrate your system without any action on your part. For instance, if you are browsing the web and come across a malicious ad, it may infect your computer, even if you do nothing further.

The best defense is a good offense. Consider the following steps for protecting your business interests.

  • Do not automatically click on links or open attachments, Try to verify the authenticity of the source first.
  • If you are uncertain, carefully check the veracity of the source through a contact that has been legitimate in the past (e.g., an email address in your history).
  • Keep up with updates. Install legitimate patches that are sent your way. Ensure that your operating systems and applications reflect the latest changes.
  • Rely on cybersecurity measures. These include firewalls, antivirus software and email filters. Again, install updates you are notified about.
  • Train employees to identify ransomware. One good training method simulates ransomware schemes.
  • Back up your files. Follow procedures for your system. In the event of a ransomware invasion, you may be able to use the back-ups to restore the system without paying the criminals. To be even safer, store back-ups in a secure location outside the office.

If ransomware infects your computer system, immediately contact an IT expert to take steps to remove the malware and restore your system. But be aware that files will remain decrypted. This serves as a reminder to be proactive about cybersecurity measures.