Threats to personal and company information are constantly evolving. In the past a simple antivirus program was all you needed to be safe. Now? You need tools, awareness, and knowledge.
Unfortunately, staying abreast of the latest threats can be difficult due to the rate at which they change. Malware, spyware, cryptojacking, trojans — the list of threats goes on and on. The latest threat to take the world by storm? Ransomware.
With a different company being targeted by ransomware every 40 seconds, knowing how to protect yourself is key.
Ransomware: An Expert’s Firsthand Experience
Ransomware, while initially created in 1989, is only recently becoming a large threat to digital information. To better-illustrate the threat of ransomware and to offer some first-hand information on the topic, we brought in Larry C. Bates, the Head of Security Infrastructure at ZTips.
How would you explain ransomware to a five-year-old?
Imagine if you have a bicycle. If you want to keep your bike safe, you lock it up right? Now, Ransomware would be like if you came to find not only was YOUR lock on your bike, but someone else put a lock on it. To make matters worse, they then demand that you pay them money to take the lock off your bike.
Nearly everyone has a bike, just like everyone has data floating around. What are the chances your average internet user is a victim of ransomware?
It can happen to anyone because it also plays on the psychological aspect of the users not knowing what is happening. I see many “bluff” ransomware attacks that you can end by just “closing the window,” but it looks so official and so alarming that the average person might just fall for it.
With this threat being so prevalent, have you had any experience dealing with ransomware yourself?
There was a period when I was doing intrusion detection for a blockchain that was in its testing stages, and the chain got attacked.
In the process, the attackers demanded ransom, and as we negotiated, I basically told them that the chain was useless if they attacked it, so we would just start over and they would not receive a dime from us.
After a couple days of sustained attacks, they gave up and asked if they could come work for us. I politely declined, but did not antagonize them further.
I have helped other organizations deal with ransomware that froze their servers, and in another situation, there was an attempt at a ransomware attack, but it was on a “honeypot” server, or a computer that is set up as bait to attract the attention of hackers instead of more sensitive access points.
Since they attacked the honeypot, we instantly blocked all the traffic coming from that country, and kept up the block for enough time to know that the attack attempt had ceased.
How did you end up helping them through the process, and was their information secured?
Part of helping people is just getting them to a calm state so they don’t freak out. In all the cases I have dealt with, the information was preserved, but it’s something that just happened because of circumstance.
How much did these attacks end up costing the companies?
In my case, it cost them time.
What can the average internet user do to protect themselves against ransomware?
Using any type of ad blocking software will mitigate a lot of the social engineering ransomware attacks. These are the fake attacks that just look like they’re locking your computer. Those attacks use a function that keeps the window from completely closing when you click on it, UNLESS you have an ad-blocker.
The average Internet user also needs to take at least an hour and learn the different types of attacks that exist. Ransomware is just the “current” attack vector, and as soon as something comes into existence to make it obsolete, there will be something to replace it. Having situational awareness is the best defense.
Until ransomware is old news, what trends do you see happening with ransomware?
To be honest, the biggest problem with ransomware isn’t necessarily the complexity of the attacks, so much as companies not giving their IT teams big enough budgets to be prepared against these types of attacks.
Corporate culture says it’s better to just pay the ransom, hoping it’s lower than the cost of hardening their security. These types of calculated risks are why you end up with companies like Sony having massive data leaks. It’s not the attack, it’s the defense (or lack thereof) that’s the problem.
Ransomware Protection: The Next Steps
Unless you’re versed in cybersecurity, like Larry, ransomware is going to be a real headache to deal with. Rather than risk your data, time, and money, take proper precautions to better protect yourself.
Start by blocking ads and reducing your chances of getting infected with any kind of ransomware or malware.
Next, stay current with the latest threats. Numerous phishing tactics rely on users being unaware of the methods being used. If you know what kinds of tactics are being used, you won’t fall prey to them. There can even be infectious Chrome extensions, so staying abreast of the latest threats is key to safety.
If you’re a decision maker at a company, buck the trend Larry mentioned and make sure your IT team is properly staffed and equipped to handle any kind of ransomware threat. A ransomware attack could cost you millions in lost data and time. It’s better to be prepared now, than wish you were later.
A new company falls prey to ransomware every 40 seconds. That company doesn’t have to be you.