Protecting Your Business Data

Don’t Let CryptoLocker Hold Your Business Data Ransom

If your systems haven’t yet been infected by ransomware, consider yourself lucky—and make sure you teach your users how to continue to avoid it. Countless small businesses are finding out the hard way that even a single errant click can spell disaster, blocking access to key business files and effectively shutting them down.

The problem? Clicking on the wrong email attachment can cause your computer to install a nasty program like CryptoLocker, which encrypts the files on your hard drive and displays a message warning you to pay a ransom to unencrypt them or never see them again. Many businesses are paying up and praying that the criminals on the other end honor their promise to unlock the files—and don’t just lock everything again in a few months.

Big business

It's little wonder that ransomware has become big business for criminals: it’s easy for malicious fraudsters to send out spam emails in the millions, peppering businesses with invitations to redeem special offers or carefully crafted letters purporting to be from banks, government, or other businesses. Some of these messages are very hard to identify as fake, and by the time the user catches on, the damage has already been done.

Verizon’s 2015 Data Breach Investigations Report found that it takes as little as 82 seconds for a new email campaign to trick its first victim into clicking on its attachment. That leaves a painfully small window of opportunity for businesses to protect themselves from new threats, and it puts a significant burden on users to be on constant lookout for suspicious emails.

While US authorities last year knocked out the network that CryptoLocker uses to co-ordinate its attacks, it’s back this year and stronger than ever.

And it’s not just CryptoLocker you need to guard against. Businesses are being hit by ransomware strains like BitCrypt, CryptoWall, and Crowti, and the attacks are becoming more common. With newer strains getting progressively better at encrypting not only your computer but other systems on the company network as well, a single employee mistake can still bring an entire company to its knees.

How to avoid ransomware

Although the figures aren’t encouraging, there are ways to avoid becoming a ransomware statistic, and they’re all good practices that every user should be undertaking. Here are a few:

  • Don’t open any email attachment that has not come from someone you know or someone you expect to be writing you. Even then, if it’s about something you’re not expecting, read the message carefully and don’t open the attachment until you’re sure it’s real. If something doesn’t smell right, it probably isn’t.
  • Use security software and keep it updated. Today’s security suites know how to sniff out all kinds of malware and may be able to stop ransomware from communicating with its host server, potentially preventing it from obtaining the encryption key necessary to scramble your files.
  • Backup your data on a daily basis to another system or to an external hard drive. This includes burning regular backups of your most important files to DVD-R discs to make sure ransomware cannot reach them.

 

Contact us at Meridian so we can work with you to protect your data.