TREND / INNOVATE
Ransomware WEDBUSH YOU ARE INVITED!
FREE SEMINAR:
Peace of Mind in Retirement WHEN
Wednesday, May 10th, 2017 6:00pm - 7:30pm
WHERE
Join us for an educational event and free financial analysis!
Comfort Inn Goshen 20 Hatfield Lane Goshen NY, 10924
Please RSVP: 845.774.2745 Email: scottlask@wedbush.com
This educational event is designed for investors who: • Are interested in learning about retirement investment strategies • Have $250,000 in investable assets Scott Lask, CWS™ CEO & Founder Scott Lask Weath Management Group 9 Colony Drive, Monroe NY, 10950 Direct (845) 774-2745 | Fax (845) 774-2746. SECURITIES OFFERED THROUGH WEDBUSH SECURITIES www.wedbush.com | Member NYSE/FINRA/SIPC
14
Ransomware is on the rise, with cybercriminals regularly developing new variants of the malware, targeting more businesses, and demanding larger payments to “restore” user data. With the emergence of ransomware-as-aservice (RaaS), even criminals with minimal technical skill can launch devastating attacks against businesses and organizations. According to the FBI, Ransomware payments have dramatically increased to around $1 billion in 2016, compared to just $24 million in 2015. With this growing malware epidemic, it is important to not only have awareness of the threat, but also know how to protect yourself and your business. W H AT I S R A N S O M W A R E ?
Ransomware is a form of malware that encrypts files on an infected device, effectively “locking” and holding the files hostage until a “ransom” fee is paid. The malware is spread, in the vast majority of cases, through spam and phishing emails containing malicious attachments. These emails are often mimicked to look like a legitimate email from an acquaintance, easily fooling the intended victim. Several months ago we were contacted by a client who needed help rescuing her office computer. She claimed it became virtually unusable after a seemingly legitimate email was opened by one of her employees. With a popup on the screen demanding an immediate payment to restore all files and prevent them from being lost forever, it was clear ransomware was the most likely culprit. A quick investigation confirmed the theory as all files on the computer were in a “locked” state. To make matters worse, it quickly became evident the malware also encrypted files on two external, shared drives on her network. Fortunately, this particular ransomware infection was not complex and we were able to create a solution to decrypt the files. Once the files were successfully restored and all instances of the malware manually removed, it was evident to the client that security needed to be hardened immediately. Since the incident, she has taken our advice to thoroughly upgrade her security, establish formal security
policies, and provide training to her staff to combat the risks of malware infections that could otherwise prove catastrophic. H O W T O C O M B AT R A N SO M WA R E
There are several things businesses and organizations should be doing to combat ransomware and reduce the risk of becoming infected. The best defense against ransomware is maintaining daily backups of all your data. Having at least two different [current] backups in addition to an archive and offsite backup is an effective setup I personally use frequently and has proved to be a lifesaver. It is important to note that ransomware is known to also attack the drives mounted to the infected device; as such, it may be wise to disconnect any infected computer from both the network and other devices as soon as possible. Installing and maintaining security software with the latest security updates is crucial as it will help protect your device against known versions of the malware. However, this will not protect your computers against zero day exploits – in this case, newly released versions of ransomware that are not yet known by security software vendors. Limiting the permissions of employees on their machines is another important step in hardening security. It’s typically not recommended for employees to have administrative privileges if they don’t need them. This concept also applies to those at home with personal computers. It’s better to have an account with standard, more restricted permissions for every day use and a separate account with administrative privileges to be used only when needed. Lastly, it’s important to perform training sessions where possible geared towards raising awareness of the latest cyber threats, in addition to how to avoid them and what to do should an infection be suspected. Developing and maintaining clear security policies for employees to adhere to is key.
T H E O R A N G E C O U N T Y C H A M B E R B U S I N E S S W AT C H | A P R I L / M AY 2 0 17
BY LOUIS KOHMAN Louis Kohman is a technology enthusiast and entrepreneur with 5 years of experience in the web hosting industry. He is a strong cyber-security advocate and has a passion for mentoring aspiring entrepreneurs and startups. He is employed at the Niki Jones Agency, Inc. as the IT Director. You can contact Louis at 845-856-1266.
H AV E YO U B E C O M E A V I C T I M O F R A N SO M WA R E?
If your business does fall victim to ransomware, the decision to pay is not one to be taken lightly. Though some businesses have reported paying the ransom demand and having their files restored, there is nothing stopping the cybercriminals from attempting to extort even more money or simply disappearing after receiving the ransom. While some recommend only paying the ransom as a last resort, many security experts argue that you should never entertain any ransom demand. Robert Herjavec, CEO of The Herjavec Group, an information security firm, said on CNBC’s “Squawk Alley” in 2016, “We never recommend that you pay because you have no guarantee that you won’t be a victim again.” Should you decide to tackle a ransomware infection head-on, hiring a cyber security expert may be one of the best routes to take to potentially save your data without giving into the demands of cybercriminals. For businesses with technologically savvy staff or strong self-determination, there are various decryptors available on the Internet, many of which are free, that can successfully restore files locked by many types of ransomware infections. Be sure to verify the source is trustworthy. Whether you’ve overcome a ransomware infection or are simply reading this to learn more about a rapidly growing epidemic, it’s important to take away from this how crucial it is to maintain modern security practices in order to protect yourself and your business from the many cyber threats that exist in the world today, and the ones that will be unleashed tomorrow.