Your secret weapon in the war against cyber extortion.
Datto CEO Austin McChord talks about cybersecurity and why he turned down an eight-figure offer for his company (Source: Bloomberg).
Malicious software that locks your files and demands payment to access them.
Ransomware is a term for the many variations of malware that infect computer systems, typically by social engineering schemes.
A cryptovirology attack encrypts critical files and systems and renders them inaccessible to the owner.
Ransomware sometimes marks the files for permanent deletion or publication on the internet. The perpetrators then demand a payment (usually in untraceable cryptocurrency like Bitcoin) for the private key required to decrypt and access the files. Infamous ransomware examples include CryptoLocker, CryptoWall, Locky, Cerber, KeyRanger, SamSam, TeslaCrypt, TorrentLocker, and Reveton.
Cybercriminals who profit greatly by violating businesses that rely on data as a lifeblood.
Ransomware cybercriminals are organised and profitable. It is estimated that this type of attack earns criminals £8 million to £40 million per month.
There are entire ransomware outfits working out of office buildings, making the stealthy and disruptive pieces of malicious software, and designing deceptively simple schemes to infiltrate small to medium sized businesses.
The criminals are business-minded innovators. Recently, a Ransomware-as-a-Service organised cybercrime ring was discovered, which infected around 150,000 victims in 201 countries in July 2016; splitting profits 40% to malware authors and 60% to those who discover new targets.
The overhead is low, the profits are high, the Bitcoin is anonymous, the list of targets is endless, the technology is not overly complicated, and the odds of getting caught are low. Ransomware perpetrators are sophisticated, profit-hungry, cybercriminals on the lookout for unsuspecting SMBs to violate.
In a word: Yes.
Ransomware perpetrators cast a wide net. They target small to medium sized businesses with IT security loopholes, valuable data, and a modest budget to pay the ransom.
If data is important to your business, you are a target.
To get in to your systems, they may send a phishing email to your staff. Because 94% of people can’t distinguish between a real email and a phishing email 100% of the time, they get in. And if they don’t, they try again until someone somewhere clicks the link.
"Researchers have seen a 3,500% increase in the criminal use of net infrastructure that helps run ransomware campaigns."
The proven defense strategy against cyber extortion includes three protection layers: Education, Antivirus, and Total Data Protection.
Educate anyone with access to company email, computers, and servers with a user awareness training program aimed to inform about the dangers of social engineering schemes and phishing scams. Teach good security practices about email attachments and stress the importance of diligence. However, even the most educated and well-meaning staff members are not immune to human error. Education, on its own, is not adequate protection.
Antivirus software is the second layer of a sound defense. Quality antivirus protection can stop thousands of attack attempts per day. In the case that an employee does click a malicious link or downloads a Trojan-containing attachment, antivirus will often save a system from full-blown infection. However, new strains of ransomware are always being created, often at a rate higher than antivirus can protect against them, so eventually, the probability that one infection will succeed is high.
A data protection solution provides the ultimate failsafe in a layered defense strategy against ransomware. A data protection solution will automatically and invisibly take snapshots of your data and systems at regular intervals, and store that data in a secure location. Should ransomware successfully penetrate your layered defenses, you can simply ‘turn back the clock’ to a snapshot of your business before the attack happened. No ransom, no downtime, no problem.
No matter what or where the cybercriminals target, SIRIS will protect physical, virtual, and cloud infrastructures and data. The business continuity offered by Siris will protect you from ransomware.
Even if ransomware damages your data on cloud-based applications like Office 365, Google Apps, or SalesForce, using Backupify protects the data that is the lifeblood of your business.
Ransomware attacks are commonly spread through traditional file syncing, when one user’s infection can spread to others; By using Datto Drive, you can easily roll back to a backup created before the attack.