Ransomware and protecting organizational data
For the last ten years, we have been fighting an organizational scourge that threatens all levels of the SMB marketplace. Ransomware is a malicious file distribution system targeting users of email by tricking them into installing malware. Once the program establishes, it will find all shared files that the user has permissions to view and encrypts them, so they are no longer accessible. For critical business files, this can be a disaster. Without a recent backup of the data, data is lost unless the organization agrees to pay the ransom. The most significant problem here is it empowers the attacker and provides funding for them to expand their operation to target other companies.
Why is this system so pervasive and why does your organization need to pay attention? For starters, no matter the size of your company you are a target. Every business that contacted us for support after the attack didn’t think that they would they would be victims of a cyber attack. They felt their company size or obscurity would protect them from having to deal with a situation like this.
It’s imperative for organizations of all size’s to start protecting their systems with training, secure backups, and improving methods for blocking attacks. There are multiple layers to this process, but they don’t have to dedicate a considerable budget to accomplish these goals. It’s important to understand that the weakest link in any organizations network security are the employee’s that are managing their data every day. They need to be empowered to work in safely and efficiently to keep the business moving.
Some of the things to consider when reviewing network security would be:
Try shutting your server down for one day, hypothetically of course, and try to understand what it would cost your organization. Consider employee time for non-productive paid hours, customer service issues it might cause, credits or rebates for services not rendered that day, and any impact that might have on sales or moving forward. If you have more than a few thousand dollars in mind at this point, your backup plan needs an overhaul. With virtual servers and constant snapshots of your environment you can overcome almost any challenge and keep your organization running no matter what. Now consider that you can spend less to backup for the year than it costs to recover from a day or two without being productive.
It’s a difficult thing to say, and tougher for organizations to hear, but it is the time that all business’ large and small start to take the threat landscape seriously and protect themselves. With mass involvement, organizations can create a “herd” protection system, not unlike vaccinations where the fewer the targets there are, the less malicious hackers can profit from these extortionist schemes, and we should start to move towards a network landscape free from attempts like these.