Payments to ransomware criminals are expected to reach over $1 billion in 2017. New attacks are being reported daily and unfortunately they are not expected to decline in the near future.
In case you were wondering; ransomware is a type of malicious software which blocks the access to data on a device by encrypting it. A financial ransom will then be asked of the victim in exchange for the data. Engineers at Kroll Ontrack have so far identified over 225 variations of ransomware infecting user devices, however there are more being created every day, plus others that may not have been reported already.
Anyone with a computer, smartphone or even a smart TV can be the target of a ransomware attack, but corporations are the ones who are hit the hardest. If a company gets infected by this type of malware, not only are they facing a hefty ransom to get access to their data, but they can also face financial losses due to the downtime sustained. In some cases companies may end up paying the ransom amount but still do not get access to their data, making the whole situation risky, expensive and incredibly damaging for the business as a whole.
Businesses at risk
Ransomware variants will often target specific business verticals. The highest risk targets are usually healthcare, financial institutions and government agencies, where the data used is sensitive or classified by nature. Companies and IT employees in these industries should take precautions to reduce their risk and lessen the effects of an attack. Here’s a few that should certainly be considered:
- Create and follow a backup and recovery plan. Ensure that your plan includes storing backups offsite and how to handle corruption.
- Be prepared by testing backups regularly. Organizations must be familiar with what is stored in backup archives and ensure the most critical data is accessible should ransomware target backups.
- Implement security policies. Use the latest anti-virus and anti-malware software and monitor consistently to prevent infections.
- Develop IT policies that limit infections on other network resources. Companies should put safeguards in place, so if one device becomes infected with ransomware, it does not permeate throughout the network.
- Conduct user training, so all employees can spot a potential attack. Make sure employees are aware of best-practices to avoid accidentally downloading ransomware or opening up the network to outsiders.
Even with the best precautions and policies in place, you may still suffer from an attack. In the event your data is held hostage by ransomware, here’s some advice to bear in mind:
- Remain calm. Rash decisions could cause further data loss. For example, if you discover a ransomware infection and suddenly cut power to a server, versus powering it down properly, you could lose data in addition to the infected data.
- Check your most-recent set of backups. If they are in-tact and up-to-date, the data recovery becomes easier to restore them to a different system.
- Never pay the ransom because attackers may not unlock your data. We mentioned this earlier on: there are many cases of ransomware victims paying the ransom demanded and not receiving their data back in return. Rather than running this risk, companies should work with data recovery experts who may be able to regain access to data by reverse engineering the malware.
- Contact a specialist for advice and to explore recovery options. We can examine your scenario to see if we have a solution already in place, or if we are able to develop one in time.
As the last two points suggest; there are alternative options for affected businesses that do not involve funding cyber criminals. In some cases it is actually possible to get to the data without paying the ransom, but it requires the work of a specialist who has extensive knowledge of the types of encryption used.
Choosing a data re has developed a set of solutions to quickly recover the data held hostage, thus eliminating financial support of the criminals behind the attacks and reducing the amount of downtime experienced by companies.
There is hope for companies who are infected with Ransomware. The team of engineers at Kroll Ontrack is working around the clock in order to identify and find a resolution for each type Ransomware.
Got any questions about a data loss situation? Get in touch with us by tweeting @DrDataRecovery