IS YOUR DATA SAFE FROM RANSOMWARE ATTACKS?

On Friday, May 12th 2017 the WannaCry ransomware attack targeted more than 230,000 computers in over 150 countries, including hospitals, factories, schools and small businesses, all running Microsoft Windows operating system.  The perpetrators took advantage of a vulnerability in Windows’ Server Message Block protocol to encrypt business data and demand ransom payments in the form of Bitcoin cryptocurrency in order to regain access to the infected business data.

The WannaCry attack is quite possibly the most severe ransomware outbreak in history but it is far from the only ransomware threat.  In 2016, ransomware attacks targeting businesses tripled, with one attack taking place every 40 seconds and affecting one in five businesses worldwide.

(Update) Just a few weeks after publishing this post, on June 27th 2017, another ransomware attack rocked the world.  This one is being called Petya or notPetya because of its superficial resemblance to the Petya ransomware.  The big difference between Petya ransomware we’ve seen before and notPetya from the recent attack is that Petya’s purpose was always to collect ransom.  It was always about the money.  But notPetya seems to be aimed towards creating mayham rather than millionaires.  Like the WannaCry attack, it takes advantage of Microsoft’s EternalBlue vulnerabilities but adds the EternalRomance SMB exploit and phishing emails to their list of tools used in order to gain administrative access on a computer in order to spread to the network.

What Is Ransomware?

Ransomware is sophisticated malware that encrypts and blocks access to your data, files, applications, servers or computers until you pay a large sum of money within a specific timeframe, hence the term “ransom.” Until you pay the attacker the money demanded, your system is inaccessible and essentially useless and at the end of the specified timeframe your data will either be destroyed or the ransom amount is substantially increased.  Even those that decide to pay the ransom, oftentimes don’t regain access to their files.

Ransomware wasn’t a substantial threat until around 2013 when individual PCs could be infected with the malware.  These early versions had minimal impact until around 2014 when network data could be targeted.  By 2016, attackers could not only corrupt your network data but also your backup data.  Today, ransomware attackers could potentially gain access to your business data long before you’ve even been given the opportunity to pay for its safe return.  Meaning, you will be required to notify your customers of the breach of data.

The WannaCry attack was spread laterally through computers on the same network as those affected and by using Microsoft’s SMB vulnerability to reach random computers through the internet, there are a myriad of ways that attackers can attack your data – emails, websites, thumb drives and more.  Spam and phishing are the most common methods of distribution of malware.  Some common types of ransomware include CryptoLockerCryptoWallCTB-LockerLockyTeslaCrypt, and TorrentLocker.  Attackers regularly alter their programs in order to avoid antivirus detection.

Why Target Small-To-Midsized Businesses?

Your small or mid-sized business isn’t too small to be targeted.  Quite the opposite, small businesses are big targets and are being targeted more and more often.  This is because small businesses often don’t have a dedicated IT professional, or stretch the IT teams thin and rely on legacy, outdated technology.  Small businesses rely on big data just as heavily as fortune 500 organizations, and yet tend to operate without digital asset management and data protections in place to defend against malware attacks.  Thankfully, there are precautions you can take to deter attackers and protect your business against ransomware attacks.

Protect Your Business Against Ransomware

A little bit of education and the right software goes a long way when it comes to protecting your business against ransomware.  A proper protection strategy should utilize a three-pronged approach, focusing on education, security and backup.

Education

Your employees are the first line of defense protecting your business data.  Ransomware, like many other exploitative crimes, relies on human weakness and naïveté.  The vast majority of cyber security incidents are caused by the innocuous or malicious actions of personnel and so, employees need to be educated to recognize a malicious link or attachment.  When it only takes a single mistake from a single employee to compromise the entire network, every employee must be educated and be given the resources to recognize a threat before business data is compromised.  Ultimately, personnel are potentially the strongest but often the weakest link in organizational security.  Basic cybersecurity training and threat awareness is cost effective and can go a long way in protecting vital business data.

Security

The WannaCry attack took advantage of a weakness that had been identified and patched by Microsoft months earlier.  The 230,000 computers affected failed to apply the patch and were left susceptible to attack.  To keep your business data secure, be sure to update and apply up-to-date patches to all business applications to minimize vulnerabilities.  Antivirus software should be considered an absolute necessity in order to protect against known ransomware and cybersecurity threats.  As hundreds or more types of ransomware are developed daily, it’s vital that your antivirus is kept up-to-date also.  Even businesses that educate their employees and invest in the best security software can be breached which is why every business needs a backup plan.

Backup

When all else fails, organizations who have implemented backup and recovery plans can avoid submitting to paying a ransom to salvage their data by simply restoring data from archives.  By rolling back your data to a point in time before the corruption occurred, you can avoid paying the ransom and be sure that your data is safe and clean.  The key here is to retroactively implement a backup and recovery plan that captures a series of “snap shot” recovery points to ensure that your business is able to stay up and running when disaster strikes.

Ransomware attacks are on the rise.  The WannaCry attack was possibly the largest scale attack in history, but it won’t be the last.  You need to protect your vital business data including Personally Identifiable Information (PII) of your customers, but also your employees, vendors and partners.  By educating your employees, keeping your business applications up-to-date and patched, and developing a backup and recovery plan, you can stay one step ahead of this growing threat while avoiding paying ransoms, loss of data and downtime.

If you’d like to inquire about the security of your ERP solutions or other business applications please contact us today!


Solutions by Industry

What's New

Make the Most of Acumatica and Sage 100 Features

Maximizing the benefits of Acumatica and Sage 100 requires a strategic approach, tailored customizations, and expert guidance. Read More

Submitted by Stephanie Dean on Thu, 10/24/24 - 5:00

Strategies for Optimizing ERP Performance

Implementing an ERP system is only the beginning. Optimizing its performance is where true value and competitive advantage are realized. Read More

Submitted by Stephanie Dean on Tue, 10/22/24 - 5:00

The ACC Advantage: Enhance Your Experience

Choosing the right software partner is crucial to the success of your business, and ACC Software Solutions is here to be that partner for you. Read More

Submitted by Stephanie Dean on Thu, 10/17/24 - 5:00

Whatever Your ERP Needs, We Have the Solution!

Or call us for a free consultation 866-379-3799