It is estimated that 60 percent of small businesses hit by cyber-attacks end up going out of business – National Cyber Security

As alarming as this may sound, we really hope that such a shocking statistic will hit home for local Perth small business owners who may still be very blasé about the severity of ransomware. The reality today is that ransomware is not picky: it targets network systems of all sizes, whether you’re a small, medium or enterprise business, and it is not limited to any one industry. Being proactive with your IT security will heavily reduce the chances of an attack and improve your ability to recover from such malware.

Ransomware – Is your small business willing to risk everything?

So, what is ransomware? In simple terms, ransomware can be defined as virtual extortion, in which the cyber-crims prey on vulnerable computer systems and lenient internal staff procedures. Typically, once access is gained through a number of attacks, data is locked, with the encryption keys held to ransom until the money is paid. More recently, variants of ransomware are targeting Internet of Things (IoT) devices; rather than locking files, they aim to take control of the interconnected systems (e.g. vehicles, power systems, cool rooms, etc.), rendering them useless until the ransom is paid.

The below goes through the basic M.O. of a ransomware attack:

  1. The system is infected through a website link, an email / instant messaging attachment, or more recently via remote desktop connections (RDP), and the ransomware is launched.
  2. The infected system then initiates a connection and begins communication with the cybercriminal’s server and awaits instructions to proceed with encrypting data across the entire network.
  3. A ransom note is then usually delivered on the infected computer system demanding the anonymous crypto-currency known as bitcoin in exchange for the decryption key.
  4. At the same time, the ransomware seeks to spread across the entire internal network from computer system to server to local backups, and at times encrypting over backups.

Figure 1: ACCC Ransomware Statistics 2016

The ACCC suggests the below tips to help protect your network from ransomware:

  1. Don’t open email attachments or click on website links within emails or instant messaging applications unless from a verified trusted source – DELETE it immediately (PLEASE NOTE: Unfortunately the email claiming that you have won the Spanish lottery is a hoax, especially since you have more than likely never purchased a ticket).
  2. If you want to access footage or information about major or breaking news, use a reliable news source rather than an unknown web link.
  3. Be wary of so-called “FREE” content (such as music, games, movies and adult sites) available for download from suspicious-looking websites. These websites may install harmful programs in the background without your knowledge, compromising not only your computer system but your entire IT network.
  4. Preventative maintenance is key. Be sure to always keep your computer security up to date with anti-virus and anti-spyware software, and use a reputable firewall (even the built-in Windows one is better than nothing, if you must). Only purchase computers and anti-virus or anti-malware software from a trusted reseller, whether it be online or in person.
  5. Make use of your security software investment to run regular checks for viruses and malware; an automatic schedule of both quick and deep scans is mandatory. A manual scan can also be run using most products if you think your computer’s security has been compromised. Should you still have doubts, contact your security software provider/s or an IT Support professional to assist.
  6. Keep your office networks, computers, servers and mobile devices secured at all times. Update your security software, change passwords and back up your data regularly. Store your backups offsite and in the cloud.

NO IMMUNITY

Organisations with the “it will never happen to me” belief because they have basic security measures in place need to reassess the seriousness of the ransomware pandemic. Polls from a number of hosted solution providers reveal the following (most of which had a base layer of security defenses in place).

  • Antivirus & Anti-malware Software, 93%
  • Email and Spam Filters, 77%
  • Patched/Updated Apps, 58%
  • Ad and Pop-up Blockers, 21%

INTERESTING FACTS:

Top 5 Ransomware Families in 2016:

  1. Locky
  2. CryptoWall
  3. CryptXXX
  4. Bitman
  5. Onion (CTB-Locker)

97% of phishing emails are now known to deliver ransomware to the end-user.