Security+ Web Version 2016 | Page 19

One of the biggest trends of 2016 is the rise of ransomware — malware that brings a very distinct headache for many who suddenly find themselves in need of an effective data recovery tool. Ransomware takes a number of approaches, from attempting to trick computer users into believing a local police authority has detected illegal software on their computer and that they must pay a fine in order to regain access to the data, to simple extortion by demanding a Bitcoin payment to unlock data the malware has encrypted. With victims from home users to corporations, it seems no one is safe.
Police Department pays ransom to regain data access
One recent high-profile case was in Swansea, Massachusetts (USA), where the local police department gave up $750 to regain access to their computers. This particular version was named CryptoLocker, which found its way into the police department’s system when an unsuspecting employee opened a malicious email attachment.
Given the good-old-fashioned advice to never open an email attachment from an untrusted source, one might speculate the user was ill-trained. But these emails can be deceiving, claiming to be from government agencies like the FBI, including official agency logos and disguising the malware as a PDF attachment. Once the attachment was opened, CryptoLocker encrypted all the files on the computer, requiring the victim to pay a fee in exchange for the access code.
All cybercrime roads lead to enterprise
The biggest problem in dealing with threats like ransomware is poor preparation. While prevention is without doubt better than cure, malware can find a way in — and organisations can’t recover their data if they don’t have a strong backup recovery tool in place. Just backing up data to a mapped network or hard drive or even creating regular backup images won’t help if the backup isn’t secure. Ransomware will encrypt all the data on a PC, including all connected drives, which means your backups become useless.
Companies can even lose access to the data on network drives or even the entire enterprise network. Ransomware such as CryptoLocker encrypts any data it finds on any mapped drive, even if the data on that drive is in the cloud. We can expect this software to attack any connected network in the near future, since a code change to make that possible would be almost painfully easy.
Wired.com’s Patrick Oliver Graf put it so well: “Even more worrisome is that beyond individual files, the network itself could be held for ransom, if a hacker gained the necessary read and write privileges by infiltrating a network administrator’s device. Cybercrime goes where the money is, and eventually, all roads lead to the enterprise.”
Creating an effective defence and recovery policy is not simple. It needs to include a number of layers, including robust endpoint protection; email security to prevent the malicious emails that often initiate the attack; and application control, which can be an effective defence by stopping malware executing in the first place.
To be fully protected, companies need a combination of several strategies, and that should include an effective recovery tool to be used as a safety net should the security measures fail.
A business continuity solution that incorporates backup and recovery can secure vital data where it can be accessed from strategically placed servers in the event of a catastrophic data failure. Less vital data can be stored on tape to be retrieved and restored once the system is up and running again.
In the case of a ransomware attack, enterprises must think about the infected network as well. Disconnect all infected computers from all network communications so your tech staff can clean them before putting them back into service. A company can be up and running faster by keeping backup machines available that remain offline when not in use. These systems can be brought from storage and used to keep the business running while technicians clean infected computers of the virus.
Contact us to learn how to provide essential business continuity to protect against productivity loss from malware.
Learn more about Quorum and request your demo at www.securityplusonline.co.uk/quorum