ransomware

You’ve heard about the latest ransomware attack, known as WannaCry. It hit many countries around the world, stopping a lot of services and throwing a lot of businesses into panic. It might seem like a one-time thing, but as technology advances in the world the number of cyber-attacks will rise. Ransomware is not a threat that is confined to the realm of technology nerds. It is a threat that could have a serious impact on you and your business. If you don’t know what it is, now is the time to learn about it. You shouldn’t stop paying attention to what is happening in the tech world. For the sake of your business and the people who work there, this is the information you need to know about ransomware.

#1. Attacks Can Happen To Any Business

The entire point of ransomware is to get a ransom from you, a business owner. You, as a business who has managed to remain open, have money that other people want. Ransomware creators know this, and have created ransomware to get this money from you for little effort. It doesn’t matter if you are a sole operator or you have 10 employees. As long as you have money, there are people who want it. They aren’t going to care that you worked hard to earn that money. They are just looking for easy targets who aren’t prepared.

#2. You’re Not Held For Ransom, Your Files Are

When you hear the word “ransom”, you’re probably thinking of hostages being taken by a criminal. You eventually get a notice, saying that they want X amount of dollars in exchange for your hostages back. While this is unfortunately still a modern day occurrence, ransomware is not that different from what you have imagined. However, people aren’t walking into your office and taking employees hostage. That’s not profitable anymore. Criminals are going into your computer and blocking off access to your files. Once you discover that your access has been denied, a ransom will sent to you. Criminals know that files are valuable hostages. Without them, your business operations could halt and you can’t do anything else. They know you need them, and that’s why instead of taking human hostages, they will take something that is easier to obtain, yet still valuable.

#3. Ransomware Ransoms Aren’t Paid With Cash

If you get hit by ransomware, your first instinct might be to fight the ransom as much as possible. However, you may be forced to pay the ransom if you didn’t make the appropriate preparations. You reach into your wallet or your credit card to get the fees necessary for the ransom. Unfortunately, it looks like the ransom isn’t going to take your money. No, not that they don’t want your money. If they take your money, it means they have opened up a potential trail where people can find them. Criminals want to cover their tracks as much as possible. They won’t want the cyber police catching on (and yes, they really exist). But there wouldn’t be much point in a ransom if you couldn’t pay it. It wouldn’t be profitable for the criminals and you wouldn’t have an incentive to do anything in their favour. That is why they want you to pay in Bitcoin. That doesn’t sound so bad at first, until you realize something terrible about Bitcoin.

#4. Bitcoin Ransoms Are Expensive

Bitcoin is a virtual currency that you may have heard of before. It has been on the news and while you may not have paid much attention to it, other people have. You might wonder why ransoms are paid in Bitcoin. After all, it sounds like digital currency you buy with real money. Not too different than what you can buy in a video game, right? Unfortunately, Bitcoin can be used in the real world. The exchange rate for Bitcoins are very expensive as there is a finite amount of Bitcoins that can be created. You could be paying hundreds, maybe thousands of dollars for a single Bitcoin, depending on the exchange rate. Your ransom could also be 5-10 Bitcoins, even more. You could be paying a significant sum of money in order to get your files back. That’s a steep price to pay, and it seems almost unfair. But that’s not the only reason criminals want you to pay in Bitcoin.

#5. Bitcoin Transactions Are Hard To Trace

Digital currencies are a ransomware criminal’s best friend. That’s because a cash transaction can be traced quite easily. If you transfer a sum of money (ie. $1000 AUD) to an account, that transaction can be traced by banks, police and security experts. The criminal will be found and caught. This isn’t going to be the case if the cash is first converted into a digital currency, traded and deposited into another digital account. As the money has left the usual channels of transaction, it can’t be traced as easily. You’re not paying in Bitcoin because criminals wanted to get technical. They want your money, but they also don’t want to deal with the potential consequences of being arrested. Bitcoin is an easy way to cover tracks and get away scot-free. Expensive and hard to trace. That’s why you’re paying in Bitcoin and not in any country’s currency.

#6. You Will Get Your Files Back After The Ransom

Of course, at this point you might be worried that this is going to go down a slippery slope. You worry that criminals will refuse to release your files while asking you for increasing amounts of money. Don’t worry, that won’t happen. As hard as it is to believe, if criminals didn’t release your files after you paid the ransom, word would spread that it’s not worth paying for. Ransomware isn’t a prank, it’s a real business (illegal as it is). If people don’t see a point in paying the ransom, the criminals would never make money. It also happens that their target happens to be electronic files and not human lives. While cyber criminals do not have the most pleasant of reputations, most aren’t actually trying to ruin your life on purpose. You’re a business transaction to them, one that has to go well or their entire model collapses. It will be a painful separation of your money, but you will get your files back. Their crime model relies on it.

#7. Ransomware Tricks You To Get Inside

You might think that ransomware will sneak in as a sneaky file that works to destroy your machine. You shore up your anti-virus defences and protect yourself. It’s a smart strategy, and you should be doing it as often as you can. Doing that will prevent a lot of sneaky malware that could be potential ransomware. But ransomware also has another form. It can be legitimate looking emails. These emails usually promise a tempting offer or pose as a company asking you to update your information. For people who are not educated in cyber security (which happens to be quite a few people), they can believe that these emails are legitimate. They will input their information or install a normal-looking yet malicious file. When that happens, you have allowed ransomware a free pass into your machine. Your anti-virus security programs can’t stop you from inviting ransomware straight through the front door. One of the reasons ransomware is dangerous is because it tends to be brought in by people. That is why vigilance is recommended at all times. But before you start accusing your team and/or employees of deliberate sabotage…

#8. Ransomware Is Rarely Intentionally Self-Inflicted

One of the reasons ransomware is such a big threat is because it is often activated by an employee who downloaded a file or put in sensitive information. You might be pointing fingers and want to call someone an idiot, but you would do well to refrain from doing that. Ransomware criminals are well versed in cybercrime. In this day and age, you will rarely have individuals who will openly allow criminals to take advantage of them. That’s why emails have been edited and dressed to look like they actually came from the companies that they represent. The requests also look legitimate. If you have been notified that you need to update your password as there has been a security breach, it can be difficult to turn down an email, even if it does look suspicious. Employees don’t gain from risking their jobs through ransomware. If an employee has actually introduced ransomware deliberately, it was most likely a coordinated effort which you couldn’t have prevented even if you tried.

#9. Ransomware Isn’t Picky About Targets

You might have heard of large scale attacks in the news. After all, WannaCry was so severe that it made global news. However there are small scale ransomware operations that will attack you and will want your payment in the form of Bitcoin. You’re not heavily researched. There aren’t operations designed to bring your company down. You’re just one of many companies in existence, and since you haven’t closed down you must have some money. Criminals don’t care what industry you’re in. This isn’t cyber espionage. They don’t know the importance of the files they have locked down. All they know is that these files could be valuable, and they will lock them down to prevent you from accessing them.

#10. There Are Things You Can Do

Ransomware looks powerful, but it can be stopped in its tracks. While being targeted by ransomware is a horrible thing, it teaches you a lot about security. You learn what you can do in the future. With a trustworthy IT provider, you can back up your files and retrieve them again to bypass the ransom entirely. If you have everyone learn a bit of IT security, you can avoid introducing ransomware into your environment. Talk to your IT department, because they deal with ransomware a lot and they know what to do.

Conclusion

Ransomware is not fun. It has the potential to cripple businesses and stop a lot of operations. The ransoms are expensive and it is very unlikely the criminals will be brought to justice. However, that doesn’t mean you can’t be vigilant and stop crime before it happens. Talk to IT experts who know what they are doing. Ensure that everyone in your business knows a bit about IT security. Remind them of simple basics like not opening up suspicious emails and to double check any email received. If you are able to do that, you can protect yourself from ransomware while operating your business comfortably.