When people think about the word ransom, a bank robbery is usually the first thing that comes to mind. However, imagine having to pay 3 million dollars to retrieve your company’s data; accounting, sales, ERP information to shipping and manufacturing data being held hostage.
Unfortunately, ransomware is on the rise. In 2018 a ransomware attack was reported every 40 seconds in comparison to every 2 minutes in 2016. There is a preconceived notion that ransomware only happens to large international public companies like; Marriot Starwood, Ohio hospitals and Nissan Canada. The truth is, these attacks happen to tens of thousands of small-medium sized businesses a year, reporters just don’t have the time or resources to publicize them.
What is Ransomware?
Ransomware is a virus or malicious software that is placed on your system, which holds your data hostage and/or threatens to make your data public unless a ransom is paid.
I was recently made aware of ransomware attack on a 65-user company in Canada. The owner of a manufacturing company received a call from one of his employees who let him know “we’re in trouble.”
The employee explained that when he got to the office and opened his laptop, he was quickly greeted by a full-screen pop-up that read similarly to this, “ALL YOUR FILE SYSTEMS HAVE BEEN ENCRYPTED. ANY REVERSE ENGINEERING ATTEMPTS WON’T HELP YOU RECOVER YOUR DATA. IN ORDER TO RECOVER YOUR DATA, CONTACT US HERE.”
The owner started to panic, calling every IT company he could think of to try and fix the issue, but came to the harsh realization that it was too late.
The IT company he chose to work with ran a security audit of the network, which uncovered that the hackers had all the company’s privileged data. Decades of company information ranging from invoicing to manufacturing and everything in-between was now being held hostage. Not only did the hackers have access to the company data, but they encrypted the backups as well, not allowing them to restore from previous backups.
While digesting the harsh reality and still searching for a solution, the company has reverted to methods used in 70’s, filling orders and taking notes with pen and paper. They are receiving cheques from clients, but have no record of what they are being paid for.
If you are only looking for a solution because you’ve been hacked, it’s most likely too late. The best form of protection for your company is always done before any signs of a break or ransomware.
How to prevent Ransomware?
1) Email Security
2) Secure your network and IT environment with additional layering
3) Educate your employees on phishing
4) Consult IT professionals
Instead of waiting until disaster strikes, companies need to adjust their mindset from a reactive to a proactive approach. Stacking security measures and adding layers dramatically reduces the potential for ransomware. Company executives need to understand one thing; preventative measures to avoid ransomware will always be less expensive than paying a ransom. The only remaining question…how much is your company’s data worth?
Contact FenceCore today to find out how we can help prevent a disaster from striking your company.