It’s a normal Thursday morning. You unlock your business, preparing to open for the day. You turn on the lights, set down your stuff, and log in to your computer.
Or try to.
Your computer screen is frozen on a very scary-looking screen that says that your computer has been locked and that you have to pay a lot of money to get it back. You try everything you can think of, but the screen stays put very stubbornly. You’re super locked out…and super panicked. You need your computer to run your business! With a sick feeling in your gut, you stare at the screen, wondering how in the world you’re going to get out of this one.
So, what happened? Ransomware happened. We’ll explain what ransomware is and how to avoid falling victim to it.
What is ransomware?
Ransomware is basically software that infects a computer to prevent it from working the way it should. Either the entire thing will be locked, as in the scenario above, or certain files will be encrypted and locked until payment is made – usually in Bitcoin or another difficult-to-trace currency. Ransomware is becoming a popular go-to for hackers, which is why it’s important to know how to avoid it and how to avoid phishing scams.
There are two types of ransomware: lock-screen and encryption.
Lock-screen is the scenario above in which the entire computer is blocked. You’re left with a ransom note. Sometimes it comes with a very scary and official-looking – but very fake – message from the FBI saying that you’ve violated a US law and that they’ve taken your computer until you pay a major fine. (The FBI wouldn’t resort to this sort of thing if you broke the law. They’d follow proper legal measures, of which ransomware is not a part.)
Encryption ransomware is where some of your files become encrypted, or basically scrambled and unreadable. The hacker will instruct you via pop-up message to buy a decryption (de-scrambler) key from them or all will be lost. And, as you can guess, the decryption key isn’t cheap. Sometimes they give you an action-movie-worthy countdown, too, threatening to erase everything if you don’t pay by the time it hits zero. Or they might threaten to double the ransom as more time goes by.
The effects of ransomware:
For businesses, ransomware means downtime, lost productivity, and lost income: you can’t operate without access to your files or systems.
How does ransomware happen in the first place?
Ransomware can get onto computers through visits to websites that aren’t secure or have been compromised. It can also come from opening an infected email, link, or attachment. From there, the ransomware can spread to an entire system or network.
Should I pay the ransom?
Most professionals say no, don’t pay the ransom. There is no guarantee that you’ll actually get your computer or files back, and by paying the cybercriminal you encourage them on their dark path of cybercrime. Plus, you paint a target on your back for future attacks. We’ll talk about ways you can avoid having to pay in a second.
How to prevent ransomware and protect your business.
1. Train your employees about cybersecurity.
Make sure your employees know what ransomware is and how to detect suspicious emails – for example, poor grammar, bad spelling, weird URLs, and funky email addresses are giveaways. It’s important that they know how to protect your business against online scams. You should also make sure that everyone knows what to do if their computer ever gets ransomed and create a protocol for your business.
2. Have backups of your sensitive files and business data/information.
This is how you can avoid having to pay up if you get attacked. If you have a secure, safe, and up-to-date copy of all of your important files, the hacker just lost their leverage. Take that, cybercriminal!
To back up your data, you can use external hard drives and USBs. Yes, it might seem tedious and time-consuming, but it’s important to have backups anyway. What if your computer gets fried when the sprinklers go berserk? Yep. Bet you’d be glad to have those backups. Just be sure to remove the drive from your computer and store it in a safe place so hackers can’t get that copy, too.
You can also back up to cloud storage, but be sure to choose a secure provider with strong encryption and multi-step authentication.
3. Stay up-to-date with software and security updates.
Updates to your computers’ software and security are extremely important. Hackers find and exploit weak spots, which these updates are usually intended to patch.
Bottom line: give your computer the tools it needs to protect itself. This is a big part of mitigating your business’s IT risks.
4. Install cybersecurity software.
Anti-virus and anti-malware software can protect against malicious attacks. Firewalls are good, too. Make sure your computer network has a strong line of defense.
5. Consider cyber liability insurance.
Cyber liability insurance protects your business against a variety of computer and internet-related risks. Talk to your agent to find out how cyber liability can protect your business and help you out of a major pickle. Just make sure the policy covers cyber extortion, ransom, and the associated losses (time, income, etc.).
If your business’s computers get taken hostage…
- Don’t pay the ransom.
- Disconnect the computer from the internet so it can’t infect any healthy devices.
- Report the attack to the FBI.
- File a complaint with the Internet Crime Complaint Center.
- Get help ridding your computers of the ransomware.
- Use your backups to get back on your feet.
Ransomware is pretty terrifying. It’s awful to consider the possibility that someone could use our beloved computers against us. Make sure that you educate your employees about the dangers of ransomware and teach them how to avoid it. Keep up with security updates and consider cyber liability insurance. Protect your business against hackers and online scams.