January 04, 2019
How to Protect Your Business from Ransomware Attacks
Holly Dowden is VP of Marketing at Ntiva, a Datto Partner and technology firm that provides managed IT services to commercial and nonprofit businesses. Originally from Canada, Holly has spent almost two decades in the US helping brand and position technology companies. Holly is currently focused on digital marketing strategy for Ntiva, and is a big believer in the power of content marketing (with a little help from paid ads.)
During the holiday season many employees were likely “multi-tasking” – i.e. doing a little bit of online shopping when at work. Which in the scheme of things is no big deal...
Unless you inadvertently click on a link which brings your company to a grinding halt.
Last year at this time, we got a call from a DC-based association who walked in one morning to find their online systems inaccessible.
One of their employees had clicked on an attractive-looking ad while on a familiar shopping website.
The employee was completely unaware that the ad had infected their PC with ransomware, a type of malicious software designed to block access to company data until a ransom is paid.
The employee never noticed the ransom message, and at the end of the day shut down their PC and went home.
It wasn't until the next morning when employees started drifting into work, that they realized that no one could access their Association Management System (AMS.) Multiple employees started to report seeing ransom warnings, that would have looked similar to the one below.
And it wasn’t too long after that when the calls from the association's members came pouring in. Was the website down? What was going on? They couldn’t access their data. Unfortunately, by the time they called Ntiva they had already paid the ransom to the cybercriminals who – surprise! – did not release their data, even after they had followed instructions for a Bitcoin payment.
The High Cost of IT Downtime
It took almost a week to retrieve the data, a very expensive venture with techs working 24 hours a day, not to mention the cost of downtime to the organization. Most employees were unable to do any work at all. When the restoration was complete – and not all of the data could be retrieved due to the nature of their backup and recovery solution – the painful process of notifying their legal counsel, their insurance broker and all of their association members began. Loss of trust is a very difficult state to recover from. It was no surprise that membership dropped off in the following year, although the organization has since worked hard at regaining credibility by creating what we call a cyber-ready position.
Hackers Getting More Sophisticated
Ransomware remains a huge problem for organizations who don’t have a good understanding of the risks, let alone what they should do about it. Hackers have become much more pervasive and sophisticated, and ransomware is now considered the most common type of malware-related data breach. In this particular case, the very legitimate looking ad had a small piece of code deep within it, which when clicked connected the user to the criminal servers that infected the association’s computer and systems. However, most of the time ransomware is spread by phishing, an email that appears to be legitimate and which entices you to click a link or download an attachment. Sometimes they’re so well crafted, they can bypass an organization’s email security, DNS blocking services and even anti-virus software. At this point, you may be asking what on earth you can do about protecting your business if it’s so hard to detect these cyber-attacks. While there is no magic solution, there are definitely steps you can take to mitigate the risk.
Key Steps You Can Take to Protect Your Reputation
The short list begins with having the proper IT infrastructure in place, which also means making sure your software is updated regularly and your network is being monitored 24/7. Regular and consistent employee training on cybersecurity is the next critical step. It’s not just one and done! And perhaps the most important item of all is having the right business continuity and disaster recovery solution (BDR) in place. Unfortunately, we’ve gotten to the point where it’s not “if” but “when” you get hit with a similar situation. Of course, there’s a lot more that can be layered on to enhance your security. If you’re unsure of what protection you have in place, or if you haven’t had a security check-up in a long time, consider reaching out to us for a look under the hood! Your reputation depends on it.
For more content like this, head over to the Ntiva blog and subscribe for weekly updates.