Unfortunately, 2015 was a big year for ransomware, the cybersecurity threat in which hackers “kidnap” user data and demand payment for its return. Though this type of criminal activity isn't new, IT professionals have seen a spike in its usage over the past three years.
What is particularly frightening is the growing sophistication of this form of malware. A few years ago, ransomware would simply freeze the victim’s computer in demand of payment. Nowadays, cybercriminals can go one step further by encrypting sensitive files, effectively giving them the only access key to recover data. Left with little choice, desperate victims often submit and pay the ransom, which can cost thousands of dollars, not to mention the legal bills and loss of profit from downtime.
Naturally, eCommerce businesses are popular targets of malware authors. Fortunately, knowing the six steps below can keep your data safe and your business booming.
- Back Up Your Files. Cybercriminals rely on their victims’ vulnerability to turn a profit. Backing up your files regularly is the simplest form of protection, as it will ensure less data is at risk should an attacker attempt to infect your system.
- Use Layered Security. The active-monitoring capabilities of anti-malware can instantly identify threats, but because malware authors often deploy new variants, it’s important to have a firewall to work as a second layer of protection. Likewise, advanced email security can block malicious URLs in the first place.
- Don’t Ignore Security Updates. How often have you clicked the “Remind Me Later” button after receiving a notification about a security update? You’re not alone. Cybercriminals rely on this common procrastination to target outdated software with known vulnerabilities. Running the latest software versions will decrease your chances of malware infiltration. That said, malware authors have been known to disguise attacks as software updates, so it’s best to enable automatic updates on your computer or go directly to the company’s website.
- Go Offline. As soon as you detect a malware infection, disconnect your computer from the Internet to cut off the attacker’s control. Unfortunately, this step will not prevent encryption if the process has already begun.
- Set the BIOS Clock Back. One of the more well-known types of ransomware is Cryptolocker, which runs a payment timer that significantly increases the price of the encryption key after a certain period of time (generally 72 hours). If you have Windows, setting the BIOS clock to a time within the 72-hour timeframe will help you avoid the higher price should you fall victim to a malware attack and be forced to pay the ransom.
- Notify Others. Let your employees and others in your business network know if you come across suspicious content. Additionally, if your system is infected, report the incident to the FBI’s Internet Crime Complaint Center (IC3). Spreading the world will help prevent future attacks, making the threat ultimately less effective.
Ransomware’s popularity is due to the fact that it’s a relatively easy – and quick – way to turn a profit. Some experts don’t discourage victims from paying the ransom. Their rationale is that because attackers care about the money, not the content of the files, they will return the data once paid. However, other experts point out that because of the illegal nature of their work, cybercriminals are under no obligation to follow through with their end of the deal. Moreover, there have been cases in which decryption failed. All in all, it’s best you don’t end up as a victim in the first place by taking proactive measures for your digital security.
Contact the professionals at San Diego Media today by phone (1.800.808.8696) or by email to learn more about what you can do to prevent falling victim to a ransomware attack.