Ransomware is a class of cybercrime that is stealing cybersecurity headlines (and people’s money) nowadays – and for good reason! It has all the makings of a dramatic, front page news story.
Ransomware sounds like something straight out of a Hollywood movie (nerdified, of course, so that the tech world will truly appreciate it), and is becoming a larger threat every day. The FBI indicates that Ransomware has grown to be a billion dollar business. Recent headlines show an increased amount of Ransomware attacks. One example that will be analyzed later is that of an Austrian Hotel, where hackers locked down their systems and impaired their abilities to serve customers. Another recent case is of Los Angeles Valley College, who ended up having to pay a large sum to hackers in order to continue their functions. It is important to know that anyone could be victim to ransomware, and the attack could happen as simply as this example:
You’re minding your own business at work. You open an email that appears to be from a hot, new business lead. You read the email carefully and click the link, which should take you to the prospect’s website. All is well, until suddenly an unknown program is downloading on your computer. Frantically, you try to stop it, but it’s too late. You’re already infected.
You run for the help of your IT professional, but by the time you get back the damage has already been done. Once identified, you realize it is ransomware. Years of data and sensitive information are locked down on your computer, encrypted by a cyber criminal whose location is unknown. They are holding your information hostage, and demand a ransom. What do you do?
This post will analyze the threats of ransomware and offer solutions that help avoid these situations and mitigate the damage from it.
A study done by Malwarebytes gives great insight into the risks and costs of Ransomware:
- Cost: 60% percent of all ransomware attacks demanded over $1,000 and over 20% asked for more than $10,000. The top 1% asked for over $150,000.
Ransomware hackers target your most valuable systems, knowing that if they can lock them down, you will be willing to pay a price to unlock them. Take, for example, Los Angeles Valley College. They were victims to ransomware earlier this year when hackers targeted their key systems and crippled their ability to function. In a statement about the situation, the college said “It was the assessment of our outside cybersecurity experts that making a payment would offer an extremely high probability of restoring access to the affected systems, while failure to pay would virtually guarantee that data would be lost”. This story is an example of why 40% of victims choose payment as a solution to the problem.
- Downtime: 60% of incidents took over 9 hours to work through.
Besides money, downtime is a huge cost. The Austrian hotel is an example of this. Their systems were attacked on four different occasions, and customers could not access their rooms because of hackers. New keycards could not be issued because the software was encrypted by ransomware, putting a halt to their business operations. In each of these four occasions, they paid €1500 to decrypt their systems. It was much more cost effective for them to simply pay the hackers than to upset their customers and spend the time necessary to fight the problem. Many other businesses also choose to pay hackers because they cannot afford the downtime.
- Data Loss: Hackers use this as leverage. An encrypted hard drive is extremely difficult or impossible to decrypt without the key, and in many cases, by not paying hackers, you will end up paying more in data loss.
- Loss of Life: Ok, we found this one a little dramatic. But the fact stands that 3.5% of people surveyed by Malwarebytes said that their lives were at stake because of the effects of ransomware.
Who is at Risk of Being Targeted?
We have already mentioned two examples of organizations who were victimized by ransomware. Additionally, Hundreds of MySQL databases, Google Chrome users, financial services consumers, and more have been targeted. The fact is, hackers and cyber criminals don’t really care who is affected with their malware. The more people they can infect, the better the chances that they will hit a huge payout. They do, however, specifically target businesses because they know there is a better chance that they will pay the ransom. Health care and financial institutions are amongst the most heavily targeted, according to the Malwarebytes study.
GWAVA will prevent ransomware from reaching your mailboxes and protect your business on the email front; however, with hundreds or thousands of employees downloading information from the internet, there is still a risk for infection. With a little preparation, the damage of ransomware can be mitigated via backups and archiving.
Micro Focus also offers two solutions that archive, back up, and secure your information:
- Micro Focus Reload is the fastest backup and disaster recovery tool available for GroupWise. Reload delivers quick message restore as well as hot backups of post offices and domains. This ensures that critical data is always current and available. If ransomware were to attack your system, your GroupWise email is restored with just the push of a button.
- Micro Focus Retain provides unified archiving of all business communication, including email, social media, and mobile communication data for case assessment, search, and eDiscovery. It can be deployed on-prem or in the cloud and ensures that all of your business communications are secured. A ransomware attack on your systems would not be nearly as devastating if all of your important information is already stored in Retain. Instead of paying the ransom, IT professionals can restore systems without worrying about data loss, knowing that critical information is already safely stored on Retain’s servers.
Although we enjoy reading a dramatic tech story, our goal is to keep you and your business out of the headlines. By securing your critical information and defending against attack, you can ensure that you won’t be caught in a true information hostage situation.
We hope that this post has been informative, and that you can protect your organization from the harmful effects of ransomware.