The malware known as CryptoLocker or CryptoWall continues to be a major concern for individuals and companies alike. So much so, that the FBI saw fit to issue a warning just last month and help raise further awareness about the threat.
According to the FBI, this Ransomware continues to evolve, which helps it avoid user’s virus detection software applications – even if they are current. Since April 2014, reported the FBI, there have been 992 incidents of CryptoLocker reported. These occurrences have resulted in the loss of around $18 million.
Read Also: How Much Is Your Data Worth To Criminals?
The Threat Is Real
Ransomware is a computer infection that’s been programmed to encrypt all files of known file types on your local computer and your server’s shared drives. Once it takes hold, it’s all but impossible for you to regain access to the data that’s been infected. Once this happens, you have one of two choices. You can:
- Restore their machine by using backup media, or
- Accommodate the hacker’s demands and pay up.
As a direct result of my experience as an IT audit manager, I have been made aware of several situations in which businesses were left with no choice but to succumb to the demands of malicious cybercriminals carrying out Ransomware attacks. And while the companies I have worked with were finally able to obtain their assailant’s encryption key code to unencrypt and regain access to their data after the ransom was paid, others are not as lucky – after all, the FBI has reported $18 million worth of losses in just over a year. Furthermore, there are no guarantees that you won’t be targeted again in the future.
Preempt A Crisis
While there is no surefire way to prevent a Ransomware attack on your data, it’s wise to implement the following best practices to reduce the possibility of infection or reinfection.
- Implement mandatory computer safety training for all employees and implement and test an IT Disaster Recovery Plan in place.
- Always use reputable antivirus software and a firewall and be sure to keep both up to date.
- Put your popup blockers to good use. Doing so will help remove the temptation to click on an ad that could infect your computer.
- Limit access to company’s data by ensuring that only a few employees have access to certain folders and data. You can facilitate this type of action by conducting annual reviews of your company’s employee access rights.
- Backup all company-owned content. Then if you do become infected, instead of paying the ransom, you can simply have the Ransomware wiped from your system and then reinstall your files once it’s safe again to do so.
- Never click on suspicious emails or attachments, especially if they come from an email address you don’t recognize. And actively avoid websites that raise suspicion.
Shut Down The Attack
If you are surfing the Web and a popup ad or message appears to alert you that a Ransomware attack is in progress, disconnect from the Internet immediately. Breaking the connection between the hacker and your data could help stop the spread of additional infections or data losses. In addition to informing your company’s IT department about the threat or occurrence, be sure to file a complaint with your local law enforcement agency.
Email Rea & Associates to learn more about the importance of your company’s online security.
By Joe Welker, CISA (New Philadelphia office)