Let us start this conversation with a simple line: no business is too big or too small to be a target for ransomware.
It is simple to think that a network of only a couple of computers is not a lucrative target for a hacker, and you would be right if that hacker had to do work. Ransomware does not require the hacker to do anything once the attack has begun, and that is why ransomware attacks are so lucrative.
Once the hacker has built their ransomware package and attack vector, usually an email, they only need to wait. The software package they built will do the rest.
The beginnings of an attack
Ransomware attacks start with a computer programmer turned hacker building a malicious code that runs on a computer. This code, generally, first starts by encrypting local files on a computer. But all in the IT field know that the files on a local computer are not very valuable. Believe it or not, those summer vacation pictures are not worth a hacker’s time.
When finished, the software looks for open files shared on a network. These are usually on a server. Once it finishes encrypting the files on the network shares, it begins looking for new hosts, where it will install itself, and the process starts again there.
This happens in a matter of seconds, and no human is doing this. It is automated.
There is no reaction time. There is no “cut the hard-line” action that can be done to stop the process. Your network has the plague, and no vaccination is going to help at this point.
It is that automation that means every network is suddenly a lucrative target.
What happens next?
Sadly, you pay. You either pay the hacker to unlock the files, a risk in its own, or you pay a highly skilled counter-hacker to decrypt your files, which usually costs more and comes with 0 (zero, none, nil, zilch) guarantee.
Then you pay us, or someone like us, to come put your life and business back together. This process usually takes days, sometimes weeks, to complete. All this time, your business is frozen in time, because everything depends on a computer now.
Your business and network will never be the same.
How does one survive a ransomware attack?
This is the kicker: you usually do not.
See, while your company is frozen in time, you must still pay your employees. Vendors still send bills. Taxes are still due. And Clients are still expecting their needs to be fulfilled. While you are stuck, life goes on… with or without you.
https://www.cisomag.com/ryuk-ransomware-took-down-u-s-coast-guard-operations/
https://techcrunch.com/2019/04/02/arizona-beverages-ransomware/
We want you to look at these links and read them. These are not sales gimmicks put out by IT security companies, these are news articles on news sites.
What does a company do to protect itself?
The answer is simple. You must plan ahead.
First and foremost, you must get protected. Every computer, not just “those that read email” must be protected. Attack vectors come from anywhere, forms of hacked websites, false tech support calls, real hacking (when they breach your network), and socially engineered scams. They can even come from inside.
Second, you must prepare your users for battle. They must be trained to recognize scams, bad links, and nasty emails. They must be the front-line of defense and know that they can be the make or break in IT security.
And last, you must be prepared for a breach. Backups, disaster recovery, and contingency plans are a must.
In all instances, we are only a phone call away to gladly answer all your questions about ransomware, antivirus, user training, and steps you can take to protect your data.