12-27-21 | Blog Post

Ransomware: What it is, How it Works and How to Prepare

Blog Posts

What would you do if your business was under attack by malicious software? It’s a question that several CIOs and IT leaders lose sleep over. Each day, there are more and more companies being affected by the invisible threat that is Ransomware, a malicious software that blocks access to your entire computer system until a ransom is paid. Clicking an infected email link, downloading a malicious file, and other seemingly routine tasks can be the beginning of an expensive gridlock. For some companies, the cost of paying the ransom alone is enough to bankrupt them; and In some cases, businesses that have given in to paying the ransom still do not get their files back.

With yet another threat to the continuity of our businesses, it is only appropriate that we prepare ourselves to combat it. Let’s walk through the basics of ransomware: How it gains access to your systems, what it costs you and how to protect your company.

How Ransomware Gains Access:

A majority of attacks conducted via Ransomware are performed from oversees on American businesses. In addition, the ransom is primarily paid using Bitcoin (prolifically used in the black market), which is untraceable. As a result, American law-enforcement often does not have jurisdiction to prosecute these attackers nor the means to identify them. This is a problem so inexhaustible that even the FBI’s advice is “to just pay up”.

Infection of ransomware can come from:

  • Opening an email attachment with the malicious virus attached
  • Clicking on a counterfeit online ad
  • Insertion of an infected USB
  • Download of software that contains malware
  • Download of randomly infected Google image
  • Poor cybersecurity of an outsourced company working with your business (janitor, plumbing service, etc.)
  • Poor cybersecurity of current business

Even though you can be infected randomly by clicking on a hacked website, or downloading a virus, you can also be targeted specifically. Many of these ransomware hackers research and target their prey and bait them into their virus. These viruses are almost impossible to be killed once it is on your computer.

The Costs of an Attack:

According to a study completed by Intermedia, every size business is susceptible to infection. 15% of attacks are on businesses under 100 employees, 60% are targeted to organizations that have over 100 employees, and 25% target enterprise level businesses. In addition, companies that operate 24 hours a day are at an increased risk of attack due to the greater cost of downtime (about 3X more) compared to normal business operating hours. Cybercriminals will attack hospitals, restaurants, police stations and other businesses open 24 hours and set ransoms at a higher prices. The number of attacks are also rising, as the number is up 30% (Infrascale) just from last quarter. 30% in a $1B cyber-crime industry (CNNMoney) is huge and is due to the growing amount of transmissions.

Emerson Network Power estimates that the average cost per minute of a data outage is $8,851. The average cost of a data center outage has increased 38 percent over the past six years and is now reaching $740,357 (up from $505,502 in 2010). This does not even account for the downtime costs, which is at an all-time high of $2,409,991 (up 81% since 2010). Cybercrimes, like Ransomware, are the fastest growing causes of data center outages, up 22 percent. With that being said, this is not something to overlook, and precautionary steps are almost a no-brainer at this point.

Protecting Against Ransomware:

In November, 2016 San Francisco’s Municipal Railway (Muni) was attacked by crypto (a ransomware family), and was demanded to pay over $70,000 worth of bitcoins. The hackers effectively shut down the Muni’s fare system for two days while Muni restored its operations from its backups, costing them thousands in revenue. The power to disrupt an entire transportation system in a major west-coast city proves that these ransomware families truly have the ability to infect anybody. However, this attack could have had much dire consequences had Muni not been prepared with system backups.

Security vendors are working around the clock to end the ransomware struggle, but they are forever one step behind. As a result, you and your business will likely, one day, suffer a ransomware attack.

The important thing to remember, as we learned with Muni, is that the solution lies it preparation. Creating a rigorous backup and disaster recovery regimen, will help to restore your systems to a pre-ransomware attack level. One backup copy on-premise, however, is not enough to overcome an attack, as hackers can encrypt local backup servers. A best practice to avoid these attacks would be to follow the 3-2-1 Rule (three copies of your data, on two forms of media, with one copy located offsite). Following this rule will enable an organization to significantly reduce the risk of losing data in the event of a Ransomware attack, as it takes away all of the leverage away from the cybercriminals.

The Bottom Line:

One thing to take away from this is that backing up to the cloud is by far the best weapon against ransomware. It will lower the time you are down, from a few days to a minuscule 15 minutes. Which if you’re following along will save you thousands of dollars and possibly your entire business.

With the increasing urgency of the Ransomware threat, now is the time to become educated on what cloud backup is, and create a plan for recovering your environment.

Set yourself up for success, talk to a cloud backup service provider, and be prepared, not scared!

Overwhelmed by cloud chaos?
We’re cloud experts, so you don’t have to be.

© 2024 OTAVA® All Rights Reserved