Ransomware – a Serious Business Risk
Imagine this scenario: you are a successful business owner, and you wake up one morning to discover that all your organization’s computer files – documents, images and programs – have been encrypted and are now unreadable. There’s a message on your computer asking you to pay $500 via bitcoin to unlock your data, and you’re told that if you don’t pay the ransom by a specified date then the payment amount will escalate, or that your data will be erased.
You have just fallen victim to ransomware, and recovering your data will cost you time and money. Inability to access to business-critical files and potential release of sensitive or confidential information could mean significant long-term damage to your business.
The above scenario has unfortunately become all too common in recent months, with ransomware posing a serious business risk to many organizations. This article will give you a better understanding of ransomware and steps you can take to mitigate this risk.
What is ransomware?
Ransomware is a type of malicious software designed to block access to a computer system or to encrypt your data until a sum of money is paid. There are two types of ransomware:
- Lockscreen ransomware – shows you a full-screen message and prevents you accessing your PC until you pay money to get access to it again.
- Encryption ransomware – encrypts all your files so you can’t access them, and demands you pay money to be able to access them again.
A recent report by anti-malware software company Emsisoft estimates that ransomware attacks cost businesses and organizations in Canada as much as $2.3 billion last year. Emsisoft estimated that ransom demands in Canada totalled between US$65 million to nearly US$260 million.
Signs you’ve been hit by ransomware
- A pop up message or banner appears with a ransom request
- You cannot access information on the computer beyond that screen
- A message on your screen asks you to send money outside of regular banking channels
- You are told you will receive a code or program to restore access to your data upon payment of the ransom
What to do if your system has been infected
You should never pay a ransom, as there is no guarantee you will get access to your data. If you have been infected by ransomware, there is often little you can do to regain access to your data unless you have a backup.
There are however certain types of ransomware for which tools to unlock encrypted files are now publicly available. These can be found at www.nomoreransom.com, an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre, Kaspersky and McAfee with the goal to help victims of ransomware retrieve their encrypted data without having to pay the criminals.
Tips to protect yourself from ransomware
- Never click on a pop-up that claims your computer has a virus
- Use an up-to-date anti-virus program
- Be wary of any unsolicited emails or emails from people you do not know
- Don’t click on links or attachments in e-mails unless you absolutely trust the sender
- Turn on your browser’s pop-up blocking feature
- Backup your data regularly to a remote, unconnected backup or storage facility
Ransomware is a growing threat to all organizations. However by following the above suggestions, and taking precautions to be safe on the internet and with emails and online chat, you will greatly reduce your chances of falling victim to this and any other malware.
If you would like to find out more about ransomware and reducing business risk, or need help improving operating efficiency, reducing costs and strengthening your organization, please contact me at 613-727-1230 ext. 212 or firstname.lastname@example.org
Richard MacNeill, FCPA, FCMA, CMC, Dipl. T. is a partner at OTUS Group, a team of advisors to business, government and not-for-profit organizations.