Protecting Yourself Against Ransomware
Originally published in the Honolulu Star-Advertiser, June 15, 2021
The recent ransomware attack on Colonial Pipeline Co. was a highly publicized incident in a string of attacks that have plagued businesses and government agencies at an ever-increasing rate. The Colonial incident was just the tip of the iceberg, concealing numerous other less publicized events. What can folks do to avoid such an attack?
First, it is no exaggeration to state that ransomware is the single biggest concern of IT professionals worldwide. Many consider a ransomware attack to be an RGE (resume generation event), that is, if your shop gets hit with ransomware, you better polish up your resume because you’re going to need a new job soon.
But the fact of the matter is that it can be very difficult to protect against contemporary ransomware. No longer consisting of just quick, smash and grab jobs, successful attacks are played out over a longer period of time. Weeks if not months can go by after your systems are infiltrated before you are hit with a demand of ransom.
Of course, with the ransom comes consequences. In a nutshell, you are prevented from accessing the data on your systems. We are also seeing ransomware attacks evolving to data theft and threat of release of such data. Pay the ransom, and access is restored. And the bad guys ‘promise’ not to release your data.
So-called ‘soft’ targets are being victimized more and more. A soft target is generally someone who might not be as focused on cyber security as financial institutions or certain government agencies. And ransomware perpetrators do their research. The ransom is usually set at an ‘affordable’ price, for small businesses, the ransom might be $5000 or $10,000. In the case of Colonial, the ransom was reportedly near $5,000.000.
Many victims have quietly paid the ransom, but results have been mixed. After all, it’s not like you can call the Better Business Bureau or Office of Consumer Protection on the purveyors of ransomware. In the Colonial incident, the US Department of Justice was able to recover a significant portion of the ransom paid to the perpetrators. But folks cannot expect this to be the solution for all of their ransomware woes.
Is there a solution? A cornerstone of a protection strategy is a good backup. IT professionals have been preaching about backups since computers were invented, and back in the day, we used to say ‘any backup is better than nothing.’ While that adage still holds true, ransomware attacks have been known to compromise backups. Simply copying files to an external hard drive or the cloud just won’t cut it anymore. A reliable commercial backup product will go a long way towards mitigating exposure to ransomware.
Perhaps most importantly of all, anti-ransomware software on the desktop is key. Old-school anti-malware products rely upon databases that are out-of-date as soon as they are released. Instead, a good anti-ransomware product will detect ransomware-like behavior and stop it in its tracks. A modular approach may be necessary with an anti-ransomware solution side-by-side with a traditional anti-malware product.
Cybersecurity Means Your Peace of Mind
Our Cybersecurity Services protect businesses all over Los Angeles…
InclusiveTech helped us upgrade our home-grown SharePoint site to SharePoint 2013. They consolidated internal and external sites for better maintenance and tight security, and also performed a data conversion/migration of our database to SQL 2012.
— Inland Empire Health Plan
InclusiveTech conducts our annual Cybersecurity Risk Analysis, and manages our entire organization’s I.T., including PC’s, network, phones, cloud based EMR system, and x-ray system.
— Los Angeles-based Orthopedic Specialist
InclusiveTech is offering you a FREE Cybersecurity and Technology Risk Assessment!
Whether you have an upcoming cybersecurity report to make to your board, or you’re just curious to know if your security can pass the test of InclusiveTech’s I.T. Ninjas, take advantage of this limited-time offer today!
YES! I want a FREE Cybersecurity and Technology Risk Assessment!
Please provide your contact details with the best time for us to call you:
Ask us about our comprehensive, cloud-based endpoint management and anti-ransomware software suite for Windows.