Malware: the next tech battleground
Between malware that secrets away your information and ransomware that encrypts all of a business’ files and programs necessary for daily operation, using a computer today feels like walking through a minefield. Blindfolded.
What is Malware?
Malware is any software that is released with the intent to damage or disable a computer. And there are many types. The most common form we’ve seen hurting businesses, though, is ransomware. This type of malware is often created by government-funded hackers that lock down all of the computers and servers connected to a business’s network. The software then holds the encrypted data hostage and unusable until a ransom is paid.
Ransomware first appeared on the internet in the 80s, but did not gain traction until 2013 with the infamous Cryptolocker virus. This program was created by a Russian hacker group and ended up raking in about $27 million during the three months it was active. Since then, various nefarious organizations, cartels and cyber-gangs have modified the basic model Cryptolocker set. Such high profile targets like the NHS of England and Telefonica (the Spanish equivalent of AT&T or Verizon) were brought to a standstill in June 2017. Even today, nearly a year later, businesses without proper ransomware detection and loss mitigation protocols in place are at risk.
How to Prevent a Ransomware Attack?
A successful defense against ransomware means actively monitoring for threats. MalwareBytes Premium and Vipre are threat detection software products that constantly scan what users are doing in real time to block any sort of malfeasance someone may encounter when connected to the web. In addition to scanning websites, these programs also scan downloads from cloud-based services like DropBox or Google Drive for added security.
In the event that a virus was to get beyond this initial line of defense, an antivirus program would be responsible for finding and neutralizing any threat. These programs inspect every file on the computer at regular intervals and look for the “tracks” that a virus would leave (e.g. a changed folder or access permission).
You Got Hacked. Now What?
So what happens if you fall victim to a ransomware attack? You’ll be locked out of all of your systems and unable to access any of your corporate data. You’ll be tempted to pay to try and get your data back. Do NOT, under any circumstances, pay the ransom.
You’re betting that the people already committing a crime will stick to their word. Not likely.
That leaves three options: recover the data somehow, start over with no data or restore from a previous backup.
There are few viruses that leave data in a recoverable state, so the first option is unlikely to work.
You could wipe all of your computers and start over if you aren’t required by law to keep data for a certain period of time. It’s an uncomfortable solution and one you probably won’t want to use if you store all of your business-critical data on your computer.
Your last, and best, option is to restore from a previous backup. Ideally you’ve backed up all of your data every single night. If you haven’t, start. In the event of a total system compromise, you’d only lose 24 hours’ worth of data. Putting it in the cloud doubles your chances of being able to recover all encrypted data in the event of a ransomware attack.
Malware is now a part of the business world. It’s the unfortunate reality to which you’re going to have to adjust if you want to continue doing business. As a business owner, it isn’t hard to justify the cost to back up your data or run anti-threat detection and antivirus software to stop an attack in its tracks. The most common source of malware, though, is your users. If they don’t know how to identify and avoid it, you’ll always find yourself living on the edge.