What is ransomware?
By now if you’re running a business – big or small – you’re well aware of ransomware. You’ve heard of the airports, transportation systems, utilities and hotels that have been attacked. You’re aware that this is a giant problem that costs businesses and governments billions of dollars a year and you know that it’s growing.
You also know that ransomware is malware. You know that when it infects a network it’ll quickly encrypt files on both devices and servers. Once locked, no one in your company can access that data. To unlock the files, you’re then given a choice: pay a ransom or continue to suffer disruption.
While being unable to access your files isn’t a great option, paying the ransom isn’t that much better. Sure, it’s generally a small amount – even as little as $100. But the payment, which is usually transacted using a digital currency like bitcoin, is sent to the hackers with the “understanding” that they’ll hold up to their end of the bargain and send you a key to unlock the encryption. That’s not always the case. In fact, one security firm says that only 19 percent of those paying ransom actually got all their files back from the hackers.
Even if you receive an unlock key – and it actually works – that doesn’t mean you’re completely off the hook either. Today’s hackers are smart enough to leave malware on the devices they’ve infected for future attacks. Others know a victim when they meet one and figure they can return to the scene of the crime in a few months with another attack. Because hey … why not?
How to protect your business from ransomware
So, how best to protect your business from a ransomware attack?
- Install antivirus software
- Back up systems (including software, apps and all business data)
- Invest in cyber awareness and security training (most ransomware attacks occur due to humans inadvertently downloading malware from attachments or fake websites)
- Buy comprehensive cyber insurance
But there’s really just one thing that works the best, and you’re not going to like it because doing it is an annoying pain. But it’s really important: You need to make sure all of your employees’ devices are running the most recent versions of their operating systems. That means Windows, MacOS, Android, Chrome, whatever.
The #1 way to prevent a ransomware attack from happening at all? Turn on “automatic updates.”
When Microsoft tells you it’s time for a Windows upgrade, force it to happen on all of your workers. Do the same when you get similar notifications from Apple and Google. Don’t put it off and don’t ignore these requests.
Why are up-to-date operating systems the ultimate ransomware deterrent?
Because as I write this, the hackers that create ransomware applications are running literally millions of bots all across the internet searching for devices – any devices – that are running out-of-date operating systems that haven’t been updated with protections against the most recent ransomware bots. When they find one, they can attack. Almost always, those devices are attached to a network, and rest assured that these hackers are smart enough to figure out how to get into that network … just as long as there’s even a small opening, which there usually is on that older device.
Unfortunately, the reality is that many of our employees working from home are using older devices. And even if their devices are more current, they’re likely not keeping them up to date with recent upgrades and patches. Ransomware makers know this. And they’re taking advantage.
Don’t believe me? Then believe research, such as this report cited in The Guardian that attributes the enormous rise in ransomware attacks to people working from home.
“Last year was especially egregious,” the report says, “With ransomware victims in the US paying out nearly $350m, according to the global security group the Institute for Security and Technology – a 311% increase over 2019.”
Running the most recent operating system on a device can’t fully protect you. But it’s a huge deterrent. A malware writer is looking for low-hanging fruit. It’s less likely that they’ll spend time trying to infiltrate a current operating system that’s running the most recent protections against intrusions. They’ll go after the older systems that haven’t installed these defenses. You won’t be 100 percent safe. But you’ll be a lot safer. And so will your employees and your company’s data.
Want even more insights? The IRS documents these six protections that everyone, especially tax professionals handling sensitive data, should use.
Customer data and ransomware legal implications
If your company gets hit with an attack and it impacts your business (not to mention any customer data that you might be storing), how do you respond when it’s found that you were running older operating systems on your network? Could an insurance company withhold compensation if that’s the case? Could an attorney looking for a lawsuit see that as an opening?
You know the answer to those questions, just as much as you know what ransomware is.
The reality is that ensuring that your data is secured is a 24/7 job and, at least for most of my clients, well beyond the realm of their expertise. That’s why so many are moving their data and their applications to cloud-based managed services providers that ensure that applications are up to date and data is backed up frequently, in addition to employing the latest monitoring, detection and security tools that can mitigate the impact of ransomware attacks. These services are not perfect. But they’re simply better at doing this than the rest of us.