Ransomware Part I

The daily reports of cybercrime are important reminders about the need to protect your business from malicious behavior that could threaten the success of your business. There are so many different things that can attack your computer, steal your data, and wreck your day. One of the most troublesome has been the development of ransomware. Ransomware is a type of computer virus that takes your data hostage and like any kidnapping scheme, demands money for the release of your data.

Why is ransomware so nasty?

Because it steals the most important thing your business possesses: data. Worse, once infected there isn’t generally a way out. No one can “disinfect” your machine. You aren’t going to be able to call in IT support to solve the problem. Occasionally, decryption keys are published, but once compromised, there is no guarantee of complete erradication of threates. Basically, you have three options.

1. Pay the ransom. This payment is usually via credit card or bitcoin (a digital currency). Some ransomware viruses even provide help lines if you’re having trouble. The FBI and CISA strongly discourage paying a ransom to cybercriminals. Of course, there are no guarantees your will get access to your data–these are thieves you’re dealing with.
2. Don’t pay and lose your data – This has its obvious downsides, unless…
3. You have a safe, clean backup. In that case, you are stuck with the nuisance of restoring your data with the backup, but you aren’t out any money. However, this comes with a caveat: your backups have to be clean. The problem with ransomware viruses is that just making data copies may not be sufficient to protect your data, as the backups can be infected also. In the next blog, we will address your need to add an additional layer of protection to handle ransomware attacks.