Tag Archive for: phishing

Fact or False? Breaking Down Ransomware Myths

On average, every 39 seconds, cyber criminals are attacking. (University of Maryland) Ransomware is a threat to every business, organization, and industry that contains data. The destruction that ransomware attacks cause can be devastating, leaving businesses, leaders, and executives in a world of hurt. With ransomware happening at an increasing rate, there is a lot of information about ransomware that can sometimes be overwhelming. We are going to sort through the constant stream of overwhelming information to determine which statements about ransomware are FACT and which statements are FALSE.

#1 – Cyber criminals target large corporations in ransomware attacks.

FALSE! While large enterprises and organizations are not immune to ransomware attacks, cyber criminals understand the opportunity that lies beyond the big names. The small business and mid-sized markets may even be at a higher risk. In 2018, 71% of ransomware attacks targeted small businesses (Beazley Breach Response Services)

#2 – If you pay the ransom, you will get your data back.

FALSE! Although all businesses and organizations are consistently encouraged to do everything they can to NOT pay the ransom, as this only encourages the hackers’ behavior, paying the ransom has not proven to be the most reliable solution either. According to TechNewsWorld “there’s a one in five chance you won’t get your data back.” This could happen for a variety of reasons, the decryption system may fail, cybercriminals may demand more money, and they could target you again.

#3 – It has been estimated that Baltimore City has paid more than $18 million dollars trying to recover from a ransomware attack.

FACT! After the city’s computer system was hit with a ransomware infection in May of last year, the government did as is typically encouraged in these situations, and did not pay the ransom. This attack affected airports, hospitals, ATM’s, and other organizations critical to the day-to-day function of the city. Since May 2019, the city continues to put forth effort to rebuild their systems. It has been estimated that over $18 million dollars have been spent recovering from this horrific attack. (Engadget)

#4 – Most ransomware creators demand payment in cryptocurrencies, chiefly bitcoin.

FACT! There are several reasons Bitcoin has been the common payment demanded, the first of which is because it is easily accessible. Bitcoin can be purchased via an exchange using a credit card, debit card, or bank transfer. This makes it more likely for victims to pay the ransom. Bitcoin also offers anonymity which allows the attacker to take their ransom payments and continue on with their identities hidden. (Emsisoft)

#5 – Ransomware attacks are always sophisticated and specifically targeted. 

FALSE! Although some ransomware attacks may be targeted toward a specific organization, this is not always the case. Because many ransomware attacks start by the click of a suspicious link in an email, criminals will run spam email campaigns with the hope that someone will click the link and unknowingly download their ransomware.

Ransomware is not going anywhere anytime soon. Educate yourself and your staff about the risks and where your business or organization may be vulnerable to an attack. Most importantly, be prepared. Create a data backup and recovery plan to ensure you will be protected.

Trinsio provides Rubrik’s award winning data backup and recovery technology to your small businesses and organizations, giving you an opportunity to utilize the same technology used by the U.S. Department of Defense, but for a cost that can be affordable for you.

I’ve Been Hit by Ransomware… What Now?

In an article titled “Best practices to remediate a ransomware attack” published through Business & Finance, Filip Verloy, Field CTO EMEA of Rubrik says, “As the use of remote working rises, so do potential threats and vulnerabilities, especially within a smaller business which might not have stringent home working security measures in place. People have been forced to adopt new ways of working at an accelerated pace.” Verloy states the importance of protecting your company from cyberattacks that could come as a result of remote working. He advises every company to “create a ‘work from home guide’ for employees, explain which tools are ok, what basic security measures are expected, and who is responsible for implementing them.”

The FBI has estimated that ransomware will be a $1 billion market in 2021. If a company or organization is not prepared, they may feel that paying the ransom is their only option. The recovery process can be very difficult because it is both expensive, and there is no guarantee you’ll get all your files back. Waiting until you fall victim to a cyberattack in order to develop a data recovery plan is not effective and can be detrimental to your business. It is important to decide now on a backup and recovery solution to ensure your data is secure.

Business & Finance published “Best practices to remediate a ransomware attack” to help you develop your ransomware remediation plan just in case an attack occurs.

You Have Been Hit by Ransomware – What Now?

1. Isolate the infected station from the network.

This is done to prevent the infection from spreading to other devices. Disconnect the network cable, WiFi, USB’s, etc. and turn the power off the affected devices to try and contain the damage.

2. Ensure backups have not been compromised.

Be sure backup data is not in read/write mode because it can be manipulated or deleted by the attacker.

3. Identify the infection.

Ask yourself the following questions: What kind of ransomware are you facing? How did it enter your system? Phishing scam? Stolen user credentials?

4. Determine your options.

There are several options available as you try to recover from an attack: pay the ransom, try to remove the malware, and recover from backups. Unfortunately, paying a ransom does not guarantee the recovery of all your data, and may encourage the attacker further because their attack was successful. Trying to remove the malware has become increasingly difficult as ransomware has become more sophisticated and mutates frequently. If you have a robust backup system, you should be able to restore all data from the most recent backup without paying the ransom.

After you have taken these steps, be sure to notify your team, discover which files are corrupted, restore your files, and inform law enforcement, customers, and other authorities. 

How to Prepare

One of the best ways to prepare for a ransomware attack is to make sure your data is backed up in multiple places. Joel Witts with Expert Insights said, “In the event of a ransomware attack, backing up data means you will be able to mitigate the loss of any encrypted files and regain functionality of systems.”

Trinsio offers full-featured, Rubrik-powered data management with global searchability, instant recovery, and data immutability. We also offer local and cloud data replication to be sure your data is secure. With more than 30+ years of experience in cloud, data center colocation, and communications, Trinsio can provide you with a solution you can trust.