Posted by nbsweb Last updated 27th August 2020 reading time
You might have heard of some of the latest victims of ransomware attacks.
Carnival Cruise Lines and Cognizant Corporation found themselves caught on the business end of costly ransomware attacks as recently as this week, strangling themselves of capital at the worst possible time.
Carnival Cruise Lines is the world’s biggest operator of perhaps the industry most affected by the global pandemic. Meanwhile, Cognizant estimates damages between $50 million and $70 million USD.
Cognizant is struggling to contain costs, and Carnival is seeking remediation from its considerable debt load and nearly non-existent revenue. Losses to preventable accidents are never acceptable, but there has never been a worse time for these companies to suffer an attack.
If multibillion-dollar companies can be vulnerable to ransomware, so can yours. But first off, what is ransomware?
How Ransomware Works
Have you ever had a virus that prevented your computer from booting, or deleted files, or loaded your browser with annoying pop-up ads?
In these cases, there’s not much in it for the author of the virus. The damage has been done, but the author didn’t make any money from destroying your hard drive.
If a run-of-the-mill virus can be compared to an act of vandalism, ransomware can be compared to theft and extortion.
This Is A Holdup
Ransomware is a type of virus that literally holds your data for ransom. Once a computer is infected by a ransomware attack, it begins to encrypt the contents of its hard drive using an unbreakable key, and infects the computer with an inescapable boot splash screen that informs the user that their data is being held for ransom.
A computer locked up this way is completely unusable except to make payment to the hacker. Payment instructions are provided to the likely panicked user, with the promise that the key to unencrypt the hard drive will be provided upon payment.
It Can Spread Easily
One computer being locked down on your network is bad enough. But enterprising ransomware authors have discovered ways to add additional viruses to the package, enabling the software to steal passwords and spread the ransomware and virus package further down your network.
Your entire business could be at risk faster than you think—the NotPetya virus/ransomware combination that attacked Sealand-Maersk took a mere 7 minutes to irreversibly execute. Those 7 minutes cost Sealand Ma between $250 and $300 million USD by the time the mess was sorted out.
Now More Than Ever
It’s easy to think that ransomware is some new wrinkle in hacking, but it’s not.
Ransomware has existed in some form or another since 1989, when the first recorded ransom attack occurred. At the time, ransomware authors were able to extract payments via a number of back-channel methods such as premium-pay text messages and anonymous cash transfers.
New Technology Means New Risks
Payment processors and premium text messages involve third parties, which means more middlemen taking a cut of the profits, and more risk for attracting the attention of law enforcement.
However, the relative anonymity afforded by digital currency has made modern ransomware attacks a more attractive prospect for criminals. Bitcoin is difficult to trace at best, and some currencies such as Monero offer completely anonymous and instantaneous transfers.
Secondly, businesses are just more online and more dependent upon computers and the internet than they’ve ever been before. Connectivity has never been as important as it is now.
More systems and businesses to target means more money is at stake—including yours.
Preventing Ransomware From Attacking Your Business
Fortunately, you can take steps to protect your business from ransomware.
To begin with, most ransomware incidents stem from a user downloading an infected email and launching an installation program attached to the email.
Sometimes these installation files are disguised as other types of files—documents, compressed files, etc.—and the user may not be aware that he or she is actually opening a virus. One type of ransomware actually hides itself within a genuine PDF file, providing another way for the ransomware virus to install itself onto your system.
Prevention Is The Best Cure
You can help protect your company in several ways.
Have you ever received an email from ‘Paypal’ or ‘Netflix’, but hovering your mouse over the address reveals a completely different and obviously fake-looking address, such as firstname.lastname@example.org?
Your employees should follow safe email handling practices. These practices include verifying the sender and looking over the entire email before opening any attachments.
Secondly, you should use an email scanning system to evaluate each of your company’s incoming emails for spam content or malicious attachments.
A good email scanning system will block nearly all malicious attachments before your employees even have to look at them.
Additionally, a policy to prevent users from executing unknown files will help narrow your company’s window of vulnerability even further.
Finally, maintaining backups of essential systems can provide a recovery point in case everything else fails.
You can never be too prepared when it comes to protecting your business.
Ransomware isn’t just another virus—it can cripple or destroy even the largest corporations in the world.
Keep your network safe from ransomware by implementing good IT practices, and protect your systems with powerful defensive measures. Your customers will thank you for it!