Ransom + Software May = Ransomware
Advancements in both hardware and software technologies have allowed businesses to expand their markets, reach new customers, and become far more productive than they could have possibly dreamed.
As is often typical however, new ways of doing business also open up new avenues criminals can use to steal, or hamper a company’s daily operations just “for the fun of it”. In some cases, hackers and criminals employ what amounts to kidnapping of data or other technological resources until a business pays a ransom. For companies who are not well prepared for such attacks — ransom + their corporate software vulnerabilities may indeed equal a ransomware attack.
How It’s Done
There are several ways that hackers and criminals can gain access to corporate networks and the data that resides on them, but one of the most popular is through a phishing attack.
In a phishing attack, a hacker will typically send an email that looks like it is from a legitimate source such as another employee, often high ranking in the company, or another company that may be a client, vendor, or partner. If the employee receiving the email is not fully prepared to spot a phishing attempt, they might reveal the login credentials for access to the corporate network and/or software applications. Once in the system, hackers can encrypt files, barring employees from accessing any corporate systems until the company pays a ransom. In more than a few cases, the ransom amount paid was quite steep.
Who is Vulnerable
Essentially anyone doing business online can become vulnerable to a phishing attack. However, in recent years municipalities have become increasingly vulnerable to these types of attacks. Large and even medium-sized cities have become popular targets since the systems they oversee provide essential services for both businesses and residents in the area.
Proper training is one of the essential keys that can help to eliminate a ransomware attack. Employees need proper training to spot phishing attempts and other suspicious online activity.
A comprehensive tested backup plan is also essential. Up-to-date backups that are held in areas where even hackers cannot access them is key to recovering from a ransomware attack. Regular testing of a backup restoration is also essential to ensure the restoration process will run smoothly if an attack should occur.
If you would like to know more about how to prepare your company to withstand against cyber criminals, please contact us.