Even if it hasn't already happened to you or your company, you probably know someone who has experienced a ransomware attack. These attacks can be devastating to any business, whether a Fortune 500 corporation or a mom-and-pop local store. Hospitals and government agencies (including school districts, university systems, police departments, cities and counties) are all potentially vulnerable as well.
In the past, the attack often started with a phishing e-mail (that’s phishing with a “ph”). The fraudster would send you or a co-worker what appeared to be a legitimate-looking e-mail with a link to a website, an invoice, or other document. Once you clicked, you would have downloaded malware onto your system. As with everything, this scam is growing more sophisticated as fraudsters figure out how to evade e-mail security systems. To that end, the FBI is now seeing cases where fraudsters are avoiding e-mail altogether and embedding the malware onto legitimate websites that businesses are likely to use.
Regardless of how the malware got onto your system, it starts to encrypt the files on your computer and, depending on how your network is set up, can travel throughout the system to infect and encrypt all your company’s files. The malware can often also travel to your cloud-based back-ups and encrypt them, too. The scammers will demand payment, often in bitcoin or another virtual currency, in exchange for possibly unlocking your data.
Needless to say, the damage can be devastating. In Oregon, the FBI has particular concerns about the ability of small and medium-sized businesses to recover if they lose access to customer files and sensitive data.
In this case, a good offense starts with a strong digital defense.
- Make sure that you regularly make offline back-ups of all of your company’s critical data so that you can reconstitute your business right away. Ensure that these backups are completely segregated—both virtually and physically—from your day-to-day operations.
- Educate your employees about good prevention, especially when it comes to identifying and mitigating phishing attacks.
- Patch operating systems, software, and firmware on your digital devices to ensure that they have the latest protections.
- Limit those who have admin access to your system.
- Ensure that antivirus and anti-malware solutions are enabled and set to update automatically.
- Implement software controls to prevent programs from executing from areas where ransomware tends to lurk (such as temporary folders supporting popular Internet browsers).
- Finally, the FBI recommends never paying the ransom as there is no guarantee that the scammer will return your data to you. Beyond that, the money you pay may be used to fund organized crime activity or acts of terrorism while encouraging future criminal activity by these cyber thieves.
Next week, we will look at the ransomware risks you face with your personal devices at home.
If you have been victimized by an online scam, be sure to report it to the FBI’s Internet Crime Complaint Center at www.ic3.gov or call your local FBI office.