What is Ransomware?

Ransomware is malicious software that infects a computer or device and encrypts its data, making it inaccessible to the user. A ransom is then demanded to regain access to the victim's data. A time limit to pay the ransom is often imposed (usually 24-48 hours), after which you risk losing access to the encrypted data forever. If a backup is unavailable or the backups were encrypted too, the victim is faced with paying the ransom to recover personal files. The ransom must be paid in Bitcoin and can be anywhere from a few hundred dollars to thousands of dollars. Once the ransom is paid, the attacker will send a private key that will allow you to decrypt the data.

Tips for Avoiding Ransomware

  1. Back up your data - This won't prevent you from being infected with ransomware, but it is one of the most important things you can do in the fight against ransomware. Regularly back up your computer and data to an external hard drive, then disconnect the drive from the computer. This is considered an offline backup. Even better, back up your computer off-site with a cloud backup service so that even if you suffer a ransomware attack, you can easily restore all your data and not have to worry about paying a ransom.
  2. Keep your software updated - Make sure to regularly update your operating system and the software installed on it. Ransomware attacks can take advantage of known bugs and vulnerabilities to attack and infect devices.
  3. Watch for suspicious emails and links - Be careful clicking on any links or attachments that are emailed to you. The biggest vector for ransomware infections is email. Even if you know the sender, be mindful that their email account could be compromised and a hacker could be using it to infect others. If you weren't expecting a file or link, or the wording in the email seems off, it doesn't hurt to double check with the sender. Use an anti-spam or email security service that can help block emails before they reach your inbox.
  4. Use antivirus software - Use reputable antivirus software and keep it updated. There are some great free antivirus programs out there along with paid ones. If you go with a paid solution, don't let the subscription lapse so that you stop getting security updates.
  5. DNS filtering - Using a DNS filter like OpenDNS can help block malicious websites, content, and ransomware. By using a large database of blacklisted sites, the filter will check against the database when resolving a DNS query and then prevent the content from loading if it is blacklisted.

Dealing with a Ransomware Attack

If you are dealing with a ransomware attack now, here are some tips to handle it going forward.

  1. Isolate the infected machines - Try to prevent the infection from spreading any further by isolating all infected machines. Turn off the machines and disconnect them from the network by unplugging the Ethernet cable and disabling Wi-Fi, Bluetooth, and any other networking capabilities. Speed is of the essence: the longer a machine is turned on and connected to the network, the longer it has to encrypt your files and spread to other machines.
  2. Identify the type of infection - Try to identify the type of ransomware that is being used in the attack. It can help you understand how it spreads, the types of files it encrypts and possibly how it can be removed without paying a ransom to the attacker.
  3. Change login credentials - Ransomware can spread rapidly by gathering IP addresses and credentials. If the attacker manages to compromise administrative credentials they can move laterally around networks, encrypt files and wipe out backups in the process. To ensure your system is secured and to prevent attackers from thwarting your recovery efforts, you should immediately change all admin and user credentials.
  4. Assess the damages - To determine which devices have been infected, check for recently encrypted files with strange file extension names and look for reports of odd file names or users having trouble opening files. You should try to create a comprehensive list of all affected systems and data, including network storage devices, cloud storage, external hard drive storage (including USB thumb drives), laptops, etc.
  5. Notify the authorities - Once the ransomware has been contained, you will want to report the attack to the authorities. The FBI urges ransomware victims to report ransomware incidents regardless of the outcome. Victim reporting provides law enforcement with a greater understanding of the threat, provides justification for ransomware investigations, and contributes relevant information to ongoing ransomware cases.
  6. Evaluate recovery options - Ideally, you will have backups you can restore from. The quickest and easiest way to recover from a ransomware attack is to restore your systems from a clean backup. Alternatively, you may be able to remove the malware; otherwise, you will need to wipe all infected systems and reinstall. Performing a complete wipe of all storage devices and reinstalling everything from scratch will ensure that no remnants of the malware linger.
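
One way to build the list of affected files described in step 4, as an added example that is not part of the original article: the Python sketch below is meant to be run from a clean machine against a file share or mounted disk image, and flags files modified inside a recent window that carry an unfamiliar extension or whose contents are close to random. The extension lists, the 7.5 bits-per-byte threshold and the 48-hour window are assumptions to tune for your environment.

```python
import math
import os
import time
from collections import Counter

# Assumption: extensions your organisation normally sees; adjust to your own file estate.
KNOWN_EXTENSIONS = {".docx", ".xlsx", ".pptx", ".pdf", ".txt", ".csv", ".jpg", ".png"}
# Already-compressed formats look random even when healthy, so skip the entropy test.
COMPRESSED = {".docx", ".xlsx", ".pptx", ".pdf", ".jpg", ".png", ".zip"}
ENTROPY_THRESHOLD = 7.5  # bits per byte; encrypted data sits close to 8.0


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def triage(root, window_hours=48, sample_bytes=65536, now=None):
    """Return sorted [(path, reasons)] for recently modified files that look encrypted."""
    now = time.time() if now is None else now
    cutoff = now - window_hours * 3600
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                if os.path.getmtime(path) < cutoff:
                    continue  # untouched during the incident window
                with open(path, "rb") as fh:
                    sample = fh.read(sample_bytes)
            except OSError:
                continue  # unreadable file; review these by hand
            ext = os.path.splitext(name)[1].lower()
            reasons = []
            if ext not in KNOWN_EXTENSIONS:
                reasons.append(f"unfamiliar extension {ext or '(none)'}")
            if ext not in COMPRESSED and shannon_entropy(sample) > ENTROPY_THRESHOLD:
                reasons.append("high-entropy content")
            if reasons:
                findings.append((path, reasons))
    return sorted(findings)


if __name__ == "__main__":
    for path, reasons in triage("."):
        print(path, "->", "; ".join(reasons))
```

A file flagged for both reasons is a strong candidate for the affected-systems list; a file flagged only for its extension may simply be a format missing from `KNOWN_EXTENSIONS`.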

The adoption of technology from the simplest of matters to the most complex problems has rendered us heavily dependent on it. We love paying our bills minutes before they are due. We enjoy seeing loved ones face-to-face on our computer screens. We can access and print our extremely sensitive records from government and financial websites in a matter of minutes instead of waiting for the mail for days. The time and resources that technology saves are invaluable, but this convenience has a very ugly side. This convenience brings costs, which could include irreparable financial, professional, and social damage. The technology that is designed to make life easier can also wreak havoc when criminals use it to breach secured, personal information. So how do we tame this beast called 'breach of data security'?

Background: The gravity of the problem: To look for a solution, we first need to understand how serious this problem is. Breaches in data security and loss of data could spell imminent demise for many small companies. According to the National Archives & Records Administration in Washington, 93% of companies that have experienced data loss resulting in ten or more days of downtime have filed for bankruptcy within a year. 50% wasted no time and filed for bankruptcy immediately and 43% that have no data recovery and business continuity plan go out of business following a major data loss. In the past, small- to medium-businesses (SMBs) thought that data security problems were reserved for large corporations, but cyber criminals are finding out that SMBs are more complacent in securing their data thus making themselves easier targets. More importantly, the lightly guarded SMBs can provide backdoor access to the large entities hackers really want to hit. Fewer than half of the SMBs surveyed said they back up their data every week. Only 23% have a plan for data backup and business continuity. That is why the number of cyber attacks on SMBs has doubled in the recent past.

Causes of lost data: Loss of data can be attributed to two factors.

Five ways to minimize data loss

  1. Enforce data security: More than technology, this is the management of human behavior. SMB management must communicate data protection policy to the entire staff and see to it that the policy is adhered to. Rules and policy must be enforced very strictly regarding the use of personal devices. Tell employees to create passwords that are hard to crack and change them frequently.
  2. Stress the consequences: Rules are only good if there are consequences for not following them. Define what those consequences mean for both the individual and the organization.
  3. Mobile device management: Mobile devices may be the weakest link in data security. "Mobile device management" refers to processes that are designed for the control of mobile devices used within the company. Devices tapping into company systems are identified and monitored 24/7. They are proactively secured via specified password policies, encryption settings, etc. Lost or stolen devices can be located and either locked or stripped of all data.
  4. Snapshots: Fully backing up large amounts of data can be a lengthy process. The data being backed up is also vulnerable to file corruption from read errors. This means sizeable chunks of data may not be stored in the backup and be unavailable in the event of a full restoration. This can be avoided by backing up critical data as snapshots.
  5. Cloud replication and disaster recovery services: For SMBs who consider data backup to be too costly, time-consuming and complex there is an answer. The Cloud provides a cost-effective, automated off-site data replication process that provides continuous availability to business-critical data and applications. Cloud replication can often get systems back online in under an hour following a data loss.

To conclude our conversation, it is very important to understand the causes and consequences of data loss. Be proactive and minimize the likelihood of a data breach and data loss, so you can stay in business without interruption. Make sure you have a solid data recovery and business continuity plan so you don't become another statistic about small firms who didn't make it.

Email us at sales@pennyriletech.com or use our contact form to see how Pennyrile Technologies can help your business today.

Small business owners are often worried about data loss. Rightly so, because data loss has the potential to wipe out a business. We have identified the most common forms of data loss so you can see how they fit into your business and assess the risks related to each of these pitfalls.

  1. Human Error - Human error - by way of unintentional data deletion, modification, and overwrites - has become much more prevalent in recent years. Much of this is the result of carelessly managed virtualization technology. While virtualization and cloud computing have enabled improved business continuity planning for many businesses and organizations, humans must still instruct this technology how to perform. The complexity of these systems often presents a learning curve that can involve quite a bit of trial and error. For instance, a support engineer may accidentally overwrite the backup when they forget to power off the replication software prior to formatting volumes on the primary site. They will be sure never to do that again, but preventing it from happening in the first place would be better.
  2. File Corruption - Unintended changes to data can occur during writing, reading, storage, transmission and processing - making the data within the file inaccessible. Software failure is a leading cause of data loss and is typically the result of bugs in the code. Viruses and malware can also lead to individual data files being deleted and hard drive partitions being damaged or erased.
  3. Hardware Failure - Storage devices may be at risk due to age, or they may fall victim to irreparable hard-disk failure. Viruses and hackers can also potentially shut down a hard drive by inserting undeletable malicious code and huge files via open, unprotected ports. If these malicious programs cannot be deleted, the entire hard drive may have to be reformatted, wiping out all the data.
  4. Catastrophic Events/Theft - The threat of catastrophic events such as fire, flooding, lightning and power failure is always a concern. Such events can wipe out data in a millisecond with no warning. Theft is also a data loss risk that companies must address. While advances in technology like anytime/anywhere connectivity, portability and the communication/information sharing capabilities of social media and crowdsourcing have revolutionized business - the risk for theft is even greater due to this increased accessibility. More people are doing daily business on their laptop, iPad and mobile phones. They are also carrying around portable media like thumb drives, USB sticks and CDs. Physical theft of any of these devices can spell big trouble.

Data loss is as unique as the various sources from which it comes. The key is to identify the areas in which your business is weak and work towards a mitigation plan for each one of them. An MSP can act as a trusted partner in such cases, holding your hand through the process of safeguarding your data.

Think Quicker Recovery Time, Not Quicker Backups - While incremental backups are much faster than executing a full backup, they also prolong recovery time. In the event of data loss, a full restore will require loading the most recent full backup and then each incremental backup tape. Having too many incremental backup tapes not only adds time to this restoration process, but it also increases the probability of not recovering all of your data. A tape could be lost, unintentionally skipped over, or contain corrupted data. Be sure to focus on optimizing the restore time to ensure faster data recovery. A quicker recovery time should be the main objective, not the need for a quicker backup process.

Maintain Sufficient Backup History - Within the blink of an eye, current data files can become corrupted and inaccessible. This will necessitate the loading of an earlier data backup that is clean of corruption. Many smaller companies make the mistake of failing to keep a sufficient backup history.

Be Sure to Back Up Essential Data AND Applications - Some businesses don’t feel the need to back up all data, but be sure essential databases, documents and records are backed up frequently. Don’t overlook applications that are critical to day-to-day business operations either. Many companies fail to back up applications, only to realize when it’s too late that they don’t have access to the original installation disks when they’re trying to recover from data loss or an outage.

Have Off-Site or Online Backup - Some businesses back up data simply by moving essential files to tapes or external hard drives that are then stored somewhere onsite. But if they’re kept onsite, what happens if a fire, flood or other natural disaster takes out not just your server but your backup tapes and drives? Onsite backups can also be susceptible to theft. Having secure off-site, or even online backup, is simply the smart thing to do to ensure quick recovery when trouble comes to town.

Fix Broken Access Controls on Your File Server - Many businesses have folders with confidential data residing on a file server with overly permissive access controls. Why take the risk of having a disgruntled - even former - employee access and misuse this data when access can be limited to only those in the company who need it?

Be Sure to Test Restores - It happens time and time again. Business owners think they have a data backup plan in place. Tapes are changed diligently each day and everything appears to be backed up and good to go. However, it turns out the backups haven’t been working for months, sometimes even years, right at the very moment they’re needed. Either the backups had become corrupt and useless or large segments of data were not being backed up. This happens often. Don’t let it happen to you.
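
A restore test can be made mechanical. The Python sketch below is an added example, not part of the original article: it records a SHA-256 manifest of the source data at backup time and, after a trial restore into a scratch directory, reports which files never made it into the backup and which came back with different bytes. The function names and report layout are assumptions; keep the manifest somewhere other than the backup media it describes.

```python
import hashlib
import os


def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def build_manifest(source_root):
    """Record relative path -> SHA-256 for every file under source_root."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(source_root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, source_root).replace(os.sep, "/")
            manifest[rel] = sha256_file(full)
    return manifest


def verify_restore(manifest, restored_root):
    """Compare a trial restore with the manifest taken when the backup was made."""
    report = {"ok": [], "missing": [], "corrupt": [], "unexpected": []}
    for rel, expected in sorted(manifest.items()):
        full = os.path.join(restored_root, *rel.split("/"))
        if not os.path.isfile(full):
            report["missing"].append(rel)   # segment of data that was not backed up
        elif sha256_file(full) != expected:
            report["corrupt"].append(rel)   # restored, but the contents differ
        else:
            report["ok"].append(rel)
    restored = build_manifest(restored_root)
    report["unexpected"] = sorted(set(restored) - set(manifest))
    return report


def restore_passed(report):
    """A restore test passes only if nothing is missing and nothing is corrupt."""
    return not report["missing"] and not report["corrupt"]
```

Files that legitimately changed between the manifest and the backup run will show up as corrupt, so build the manifest from the same point-in-time copy that the backup job reads.
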
Need help with your backups? Schedule a free network assessment or read more about our backup and disaster recovery service.

Small and medium sized businesses today are relying more than ever on IT systems to efficiently run their business, support customers and optimize productivity. These systems house sensitive digital data ranging from employee and customer information, to internal emails, documents and financial records, sales orders and transaction histories. This is in addition to applications and programs critical to daily business functions and customer service.

While corporate-level data losses and insider theft are well publicized, many smaller businesses have also become casualties of data loss and theft. Following a significant data loss, it is estimated that a small-to-medium sized business can lose up to 25% in daily revenue by the end of the first week. Projected lost daily revenue increases to 40% one month into a major data loss.

According to The National Archives & Records Administration in Washington, 93% of companies that have experienced data loss, coupled with prolonged downtime for ten or more days, have filed for bankruptcy within twelve months of the incident while 50% wasted no time and filed for bankruptcy immediately. Finally, 43% of companies with no data recovery and business continuity plan actually go out of business following a major data loss.

Still, a survey conducted by Symantec SMB revealed that fewer than half of SMBs surveyed back up their data each week. Only 23% of those surveyed said they back up data every day and have a business continuity plan in place.

Businesses play on a much bigger playing field than they did two decades ago. Any disruptive technological event - even the smallest of incidents - can have an amplified impact on day-to-day business and profitability. Being proactive with data recovery solutions, and having emergency response procedures in place prior to a disruption or data disaster, is the only way to minimize downtime and soften the impact o

 

World Backup Day is on March 31st, and we want to know: do you have your files backed up? Need assistance setting up a backup for your data? Give us a call.

What exactly is a backup?

A backup is a second copy of all your important files — for example, your family photos, home videos, documents, emails, and financial data. Rather than storing it all in one place (like your computer), you should keep another copy of everything somewhere safe like an external hard drive, DVD, or the cloud.

So why should I back up?

Losing your files is more common than you’d think. Ever lost your phone, camera or tablet? What about a hard drive failure on your computer? There could also be an environmental event such as a fire. Your stuff could have been saved with a backup. One small accident or failure could destroy all the important stuff you care about.

How should I back up?

There are several ways to back up your data. You can back up to an external disk or drive, such as CD or DVD burners, USB sticks, and external hard drives. You can also use a third party service that backs up to the Internet or cloud.

How often should I back up?

You should back up any time you have updated or added media that is important to you. If your computer is starting to die or become less reliable, make a backup immediately. For some people, backing up daily is necessary, and for others, weekly or monthly. Choose a schedule that works for you. Using third party software can automate your backups so you don't forget!

 

Copyright © 2020 Pennyrile Technologies | All Rights Reserved
