Ransomware is a piece of malicious software that infects a computer or device and encrypts the data making it inaccessible to the user. A ransom is then demanded to regain access to the victim's data. A time limit to pay the ransom is often imposed (usually 24-48 hours) or you risk losing access to the encrypted data forever. If a backup is unavailable or the backups were encrypted too, the victim is faced with paying the ransom to recover personal files. Payment must be paid in Bitcoin and the ransom cost can be anywhere from a few hundred dollars to thousands of dollars. Once the ransom is paid, the attacker will send a private key that will allow you to decrypt the data.
If you are dealing with a ransomware attack now, here are some tips to handle it going forward.
If you sit down and think about all the things that might cause your business harm, data loss should be at the very top of that list. Very few businesses in today’s day and age still operate on a pen-and-paper model and have instead shifted into the digital realm. Though this affords a great deal of convenience, things like cybercrime, natural disasters, and even hardware failure can mean the end of the line for your company. Disaster recovery as a service can change this.
The Three Biggest Disasters Facing Small Business
When it comes to unexpected data loss that could potentially close your business forever, there are three ways it could happen:
Disaster Recovery vs. Backup
Many small businesses currently pay for what is known as BaaS, or Backup as a Service. This essentially means that the companies’ data is backed up regularly and stored in a separate location. If a natural disaster, hardware failure, or cybercrime should occur, the data is not lost forever. This is incredibly beneficial, but it often provides business owners with a false sense of security. There’s no provisioning for network or computer needs with BaaS, which means that even though the data is safe, it cannot be accessed remotely, and this creates a significant amount of downtime.
DRaaS, or Disaster Recovery as a Service, solves this issue. It does include provisioning for network and computer needs. To better understand this, imagine that your company’s headquarters – including the onsite server – burned to the ground. Your BaaS provider has your servers and data saved and backed up on a server elsewhere, but it’s just a backup, so until you put a new server into place, your data and infrastructure is effectively useless. A DRaaS provider, on the other hand, allows your business to stay up and running with very little downtime (if any at all) thanks to offsite data redundancy.
For many small businesses who are still trying to build a reputation and make a name for themselves, several days or even hours of downtime can be devastating. It is important for small business owners to maintain their online presence through thick and thin, even in the midst of a natural disaster. This is exactly what disaster recovery as a service was designed to do; it provides small business owners with unprecedented peace of mind by ensuring things continue to run with minimal downtime – even in the midst of a true disaster.
Not too long ago, the New York Times’ website experienced a well-publicized attack, which raises the question – how can this happen to such a world-renowned corporation? If this can happen to the New York Times, what does this bode for the security of a small company’s website? What’s to stop someone from sending visitors of your site to an adult site or something equally offensive?
The short answer to that question is nothing. In the New York Times’ attack, the attackers changed the newspapers’ Domain Name System (DNS) records to send visitors to a Syrian website. The same type of thing can very well happen to your business website. For a clearer perspective, let’s get into the specifics of the attack and explain what DNS is.
The perpetrators of the New York Times’ attack targeted the site’s Internet DNS records. To better understand this, know that computers communicate in numbers, whereas we speak in letters. In order for us to have an easy-to-remember destination like nytimes.com, the IP address must be converted to that particular URL through DNS.
Therefore, no matter how big or small a company’s online presence is, every website is vulnerable to the same DNS hacking as the New York Times’ site. The good news is the websites of smaller companies or organizations fly under the radar and rarely targeted. Larger targets like the New York Times, or LinkedIn, which was recently redirected to a domain sales page, are more likely targets.
There is no reason to panic and prioritize securing DNS over other things right now. But there is a belief that DNS vulnerability will be something cybercriminals pick on more often down the road.
Here are a few ways to stay safe
Select a Registrar with a Solid Reputation for Security
Chances are, you purchased your domain name through a reputable registrar like GoDaddy, Bluehost, 1&1, or Dreamhost. Obviously, you need to create a strong password for when you log into the registrar to manage your site’s files. Nonetheless, recent DNS attacks are concerning because they’re far more than the average password hack.
It was actually the security of the registrars themselves that was compromised in recent attacks. The attackers were basically able to change any DNS record in that registrar’s directory. What’s particularly frightening is the registrars attacked had solid reputations. The New York Times, along with sites like Twitter and the Huffington Post, is registered with Melbourne IT. LinkedIn, Craigslist and US Airways are registered with Network Solutions. Both had been believed to be secure.
So what else can be done?
Set Up a Registry Lock & Inquire About Other Optional Security
A registry lock makes it difficult for anyone to make even the most mundane changes to your registrar account without manual intervention by a staff registrar. This likely comes at an additional cost and not every domain registrar has it available.
Ask your registrar about registry locking and other additional security measures like two factor authentication, which requires another verifying factor in addition to your login and password, or IP address dependent logins, which limits access to your account from anywhere outside of one particular IP address.
While adding any of these extra safeguards will limit your ability to make easy account change or access your files from remote locations, it may be a worthwhile price to pay.
Email us at email@example.com or use our contact form to see how Pennyrile Technologies can help your business today.
More cybercriminals are targeting small-to-medium sized businesses. One reason for this is too many workplaces have insufficient bring-your-own-device (BYOD) policies in place. Some have none at all. Although firms are generally more knowledgeable about network security risks than in years past, they still woefully underestimate the security vulnerabilities linked to mobile devices like smartphones and tablets.
This is a real cause for concern since data breaches have the ability to put many already financially challenged SMBs out of business.
If customer/client data has been breached, there could be potential litigation costs, and naturally, lost goodwill and an irreparable hit to brand or company reputation.
Don’t Just Say You’re Worried About the Bad Guys... Deal With Them
SMBs say they view network security as a major priority but their inaction when it comes to mobile devices paints a different picture. A recent study found that only 16% of SMBs have a mobility policy in place.
Despite the fact that stolen devices are a major problem in today’s mobile workforce, only 37% of mobility policies enforced today have a clear protocol outlined for lost devices.
Even more troubling is the fact that those firms who have implemented mobility policies have initiated plans with some very obvious flaws.
Key components of a mobility policy such as personal device use, public Wi-Fi accessibility, and data transmission and storage are often omitted from many policies.
Thankfully, most SMB cybercrimes can be avoided with a comprehensive mobility policy and the help of mobile endpoint mobile device management services.
A Mobility Policy Is All About Acceptable/Unacceptable Behaviors
Your initial mobility policy doesn’t have to be all encompassing. There should be room for modifications, as things will evolve over time. Start small by laying some basic usage ground rules, defining acceptable devices and protocols for setting passwords for devices and downloading third-party apps. Define what data belongs to the company and how it’s to be edited, saved, and shared. Be sure to enforce these policies and detail the repercussions for abuse.
Features of Mobile Device Management Services
MDM services are available at an affordable cost. These services help IT managers identify and monitor the mobile devices accessing their network. This centralized management makes it easier to get each device configured for business access to securely share and update documents and content. MDM services proactively secure mobile devices by:
It’s important to realize that no one is immune to cybercrime. The ability to identify and combat imminent threats is critical and SMBs must be proactive in implementing solid practices that accomplish just that.