2018 was an eventful year for ransomware attacks on North American soil and elsewhere.
In November, the American Justice Department indicted two Iranians for alleged ransomware attacks on 200 government, institutional and private targets in the US, including an attack on the Port of San Diego that disrupted the agency’s information technology systems.
The town of Midland, Ontario, was forced to pay a ransom of bitcoins to unlock town records, and a private hospital in Australia had records of 15 000 heart patients locked in a similar attack.
Hackers have even been embedding infectious ransomware links in ‘sextortion’ emails in which they claim to have evidence of an individual’s lurid conduct.
According to the Philadelphia Enquirer, large institutions are not the only ones being targeted by ransomware pervaders:
“A 2017 study found that more than one in five businesses with less than a thousand employees had experienced a ransomware attack that caused them to stop operations in order to recover and caused an average of $100,000 in losses per incident due to the downtime…”
Ransomware attacks are largely automated, are typically deployed in mass spam campaigns and cost relatively little to administer.
Ransomware kits are even available on Dark Net markets.
Already a multi-billion dollar business, ransomware ventures also appear to be growing.
According to The Inquirer:
“In 2018, security firm SonicWall’s network reported 328.5 million ransomware attacks worldwide, a 120 percent increase from the prior year.”
Luckily, small businesses with small budgets can do much to close the door on ransomware hackers (and “crypt jackers,” for that matter).
- Make sure anti-virus and anti-malware software is in place and subscribed for regular updates. Keep subscriptions up to date. These services are the bare minimum “prophylaxes” needed when “coming into contact with” the Internet.
- Train self and staff. Very often, malware is introduced onto an enterprise’s or institution’s computer system via a phishing email designed to entice the clicking of an infected link. In some cases, specific staff at a target have been intimately profiled and an email crafted to seduce them specifically. For example, a crypto exchange employee was phished using “a nearby dog show email.” After the employee clicked on a link in the email, the exchange was subsequently robbed. Advise staff to eschew opening emails from unknown senders unless they consult with office security personnel first. Consider conducting regular online security tests of employees.
- Back up all files using a cloud or hardware. While this will not resolve data security problems resulting from the theft or locking of company data, it can take the sting off and could prevent you from having to pay a crypto ransom and having business operations indefinitely suspended.
- Keep all operating systems updated. Update all browsers and apps as well. Hackers regularly “hammer” popular software to unearth weaknesses and detect bugs. Updates contain important patches that close these vulnerabilities.
Ransomware attacks cannot only harm customers and cost money in the form of ransom payments. They can also result in long-term reputational harm for a firm.
Observing the tactics listed above should be considered a simple matter of “good computer hygiene” and should also be a matter of routine.