Your Data Has Been Kidnapped. Paying the Ransom? Don’t Do It!

As an owner of a small to midsized business, perhaps you start work earlier than everyone else. One morning, you sit down to log on to your company’s network, ready to catch up on your emails. But when you enter your username and password, instead of logging into your company’s network, a full-screen warning window pops up: “WARNING! YOUR FILES HAVE BEEN ENCRYPTED.” The message says that your data is safe; however, you will not be able to access it until you pay a ransom to have it decrypted by the hacker. Your hard-earned, confidential business data is being held hostage. And in two days, the ransom will double.

Unfortunately, the above scenario is becoming very common. Attacks via ransomware emails have more than doubled over the past year. The FBI, https://www.fbi.gov/news/stories/ransomware-on-the-rise working with other security agencies, is devoting more and more resources to the investigation, prosecution and prevention of ransomware attacks, as they affect companies, large and small, on a global level.

Types of Ransomware

• Crypto Ransomware – targets your most valuable files and encrypts them so that you cannot access them. Once you have been locked out, the hacker demands a ransom payment before decrypting your data and freeing up your system.
• Locker Ransomware – Instead of encrypting your data, locker ransomware locks you out of your devices, keeping you from using them. The cybercriminal who launched the attacks will then demand a ransom from you to unlock the devices.

Most victims of ransomware attacks have either opened infected attachments or have unknowingly clicked on links embedded in spam emails. The best way to spot a ransomware email is to check the identity of the sender carefully. Take extra care in opening emails from unknown sources. If you are unsure of the sender’s identity, do not open any attachments until their credentials have been verified. Furthermore, never act on a request to “Enable Macros.” Macros embedded by hackers will speed up the spreading of malware through your system and network.

You’ve Been Attacked by Ransomware - What to Do

Once your company has fallen victim to a ransomware attack, it is imperative to take immediate action:

• Immediately Disconnect the Attacked Computer from others on your network and disconnect from wireless connections and any external drives.
• Lock Down Your Network
• Photograph the Ransom Note to file with police reports. Preserve as much evidence as possible.
• Ascertain What Kind of Malware is holding your data hostage. If you can identify the malware type, it will be easier to determine the best way to remove it from your system.
• Report the Attack ¬– You should report the attack to local police as soon as possible. Your precinct will probably refer you to the cybercrimes division. They will try to identify the hacker and their targets’ profiles as quickly as possible to help other companies avoid falling victim to the same attack.
• Assess the Damage – determine what files and what other networked machines have been infected.
• Define Your Options
  • Act quickly. You will be racing against time to fix the problem before the ransom doubles … and doubles again.
  • Try Decrypting. If you have the tools, it’s worth a try.
  • Wipe the System and Reinstall From Backups. If you have up-to-date, clean backups of your data, you may consider deleting all data from your system and the laborious task of reinstalling everything.
• Teach your employees to report any cyberattack as soon as it occurs, even if they think they’ve inadvertently been the cause of the attack. The quicker the response to a ransomware attack, the more likely it can be contained.

Many companies are required by law to protect the personal and financial data they collect from clients. If they are attacked by ransomware, their clients have also been attacked. For medical and legal practices, safe and secure data is crucial to their reputations. Data breaches such as ransomware attacks can put companies out of business and expose them to legal challenges.

A professional cyber security expert can help you make the right choice. DIGIGUARD Cyber Security specializes in cyber threat protection, including VPN solutions for small and midsized companies. DIGIGUARD can provide your small business its own secure and affordable virtual private network platform, and other cutting edge cyber defenses, so your company’s data will be safe in an expanding mobile work environment.

Get a DIGIGUARD Vulnerability Assessment

As your business grows, expands its network and adds more devices such as smart controls, wireless access and remote access, your network vulnerability grows, too. DIGIGUARD specializes in proactive ransomware services and has a wide array of solutions for small and midsized businesses to defend against malware attacks and other network data breaches. They are cyber security experts who can ensure your confidential business and banking data has the best protection possible.

In addition to helping you defend against or recover from a ransomware attack, DIGIGUARD can provide solutions that offer early detection of potential cyber threats before they happen. DIGIGUARD can assess your cyber vulnerability and work with you to ensure you have the best network and data protection solutions for your business.

Contact DIGIGUARD CYBER SECURITY at 833-33-CYBER (833-332-9237) www.DIGIGUARDsecurity.com to discuss the prevention of ransomware attacks and other cyber defense protocols to protect your hard-earned business data.