Ransomware: Are You Prepared?
NJ Businesses are Falling Victim to Ransomware
It is estimated that one in three businesses in NJ have been hit by Cryptolocker or other variants of ransomware in the last 18 months. These vary from small to mid-size and even larger organizations in the state. Considering that the vast majority of breaches in NJ are still not reported, this number is staggering. Many businesses have not kept pace with the bad guys in securing their networks, and unfortunately have become victims as a result.
Just last week, we assisted a local NJ business that came to us after struggling for a week on their own to recover from a ransomware attack. Safeguards were in place, but their security posture lax. The antivirus was renewed religiously every year and it was assumed an old firewall was still protecting them. It was also assumed the computer guy was doing his part to keep the business secure.
They were wrong, and ignorance was not bliss. The old, out-of-date firewall provided little protection against current threats. The antivirus was ineffective in stopping the invasive ransomware once the infected email link was clicked. The computer guy was fixing issues as they arose, but they never asked (and he never offered) any sort of upgrades or management of their cybersecurity. The ransomware quickly spread from the lawyer’s PC to the network and soon encrypted the entire server network. An online backup had been established the prior year, but it hadn’t been running in 6 months. No one had bothered to check, and there were no other backups.
Decryption keys are available for some types of older ransomware which makes recovering data fairly easy. However, this strain of ransomware was new and breaking the encryption without the decryption keys is virtually impossible. The FBI recommends against paying a ransom. After all, there is no guarantee you will get your data once you pay. The business decided to pay the ransom as well as restore from the 6 month old backup. Trying to run your business with old data is no enviable task, let alone downloading the entire back up through an Internet connection.
It took over 2 days to download the data, and it turned out to have very little value to the company.
Luckily, their email system was not encrypted, so they recovered some recent files from email attachments. The remaining files were either recreated or a copy requested from other parties. What a hassle and embarrassment.
Paying a ransom is also no easy task. Bitcoins must be purchased through a public exchange and then transferred to the bad guys over the “dark web” with the hope you receive your decryption keys. The senior partner at this business wasn’t comfortable providing his ID and credit card to open up a Bitcoin account, so a manual verification process was required. Over a week later, they were still waiting to get their account funded. An entire week without your data can put you out of business.
However, just having a good backup is not the end of the story. According to the NJ Identity Theft Protection Act, all data breaches including ransomware may require a breach notice. Breach notices not only increase the monetary cost of a security incident; they can be devastating to a business’s reputation.
The moral of the story: BE PREPARED.
By the time the business came to us, there was very little we could do.
Don’t wait until it is too late.
Do not bet the livelihood of your business on a backup. Safeguards are available that can ensure almost zero likelihood of infection at little to no cost. You owe it to your staff, clients and professional reputation to use due diligence in securing your business. Find a Cybersecurity expert who can evaluate your current situation, and make sure you are secure.
Our SECaaS program is only the first of our five cyber security services. Even more security, custom fitted to your company’s needs? How could you NOT want to learn more about our cyber security services? Don’t worry — we’ll tell you everything you want to know!
Was this article helpful?
For more information about how Domain Computer Services can benefit you.
Working from home made easy.As you know, we are in the midst of a very trying time for society and business in general. That is why Domain as a technology company, is reaching out to provide value through education by sharing some helpful tips for working from home....
We know you are likely getting an email every 5 minutes from other vendors and partners regarding COVID-19 so we'll make this brief.Domain staff are all working remotely and 100% ready to help you leverage technology to continue business during this pandemic. We...
You need to get off of Windows 7, not because it will immediately stop working, but because they are going to stop updating those operating systems on January 14, 2020.