The Impact of Ransomware

Rasomware is a type of malware that prevents your company from accessing it's data until you pay the attacker a ransom to get your data back.It is also possible that your systems will become infected with other forms of malware once a successful attack occurs.

Some messages that might be displayed are:

• "Your computer has been infected with a virus. Click here to resolve the issue."
• "Your computer was used to visit websites with illegal content. To unlock your computer, you must pay a $100 fine."
• "All files on your computer have been encrypted. You must pay this ransom within 72 hours to regain access to your data."

The impacts of a ransomware attack to your company could include the following:

• temporary, and possibly permanent, loss of your company's data
• possibly a complete shutdown of your company's operations
• financial loss as a result of revenue generating operations being shut down
• financial loss associated with remediation efforts
• damaged to your company's reputation

Note that paying the ransom does not guarantee that you'll get your data back. Of the SMBs that suffered a ransomware attack and paid the ransom, 1 in 5 did not get their data back.

Some ransomware statisics to keep in mind:

• the frequency of ransomware attacks increased by 3x in 2017 over 2016: an attack occured every 40 seconds vs. every 2 minutes in 2016.
• mobile ransomware attacks increased of 250% in 2017
• there were 4.3x new ransomware variants in 2017 vs 2016
• 75% of ransomware victims lost access to data for more than 2 days
• 67% of businesses hit by an attack permantly lost all or part of their data
• nearly 75% of targeted businesses don't have the proper security measures in place to avoid infection

Employee Security Awareness Training is Essential

The #1 vulnerability for business networks are the employees using them. It’s extremely common for an employee to infect an entire network by opening and clicking a phishing e-mail (that’s an e-mail cleverly designed to look like a legitimate e-mail from a web site or vendor you trust). If they don’t know how to spot infected e-mails or online scams, they could compromise your entire network.

A successful Ransomware Attack is at the very least expensive and damaging. At worst it can destroy your business.

An effective Security Awareness Training program results in less infections, support calls and time fixing user mistakes.

A quality and effective Security Awareness Training (SAT) program includes:

1. Phishing simulations to test employees to ensure they understand how to spot phishing emails as well as to ensure they are being diligent in applying the principles they learn in the program
2. Comprehensive Educational courses within a highly automated Learning Management System

Why Having a Blacklist Policy is Important

A Blacklist Policy, coupled with the appropriate network software, blocks employees from visiting of various categories of websites that present a number of different risks to an organization.

On Oct 17, 2018, the Office Of Inspector General released a report that outlines how the U.S. Geological Survey (USGS) network was infected with malware because a civil servant had an "extensive history" of watching porn while at work. The employee's Android cell phone was also infected with malware and was connected to the employees work computer via the USB interface. It was discovered that the employee visited approximately 9,000 web pages, many of which were routed through to sites containing malware in Russia.

In this instance, the malware was discovered after suspicious internet traffic was detected during an IT security audit. It is unclear how long the malware would have gone undetected had the IT security audit not been conducted. In this instance, a ransomware attack was not initiated.

The investigation identified two serious vulnerabilities in the USGS's IT security posture:

• website access - the employee was able to access websites which presented security and other organizational risks
• open USB ports - allowed malware on the employee's Android cell phone, which could have been infected at the employee's home, to infect the employee's work computer and the USGS network

Developing a Blacklist Policy is relatively easy and the required network software (DNS filtering) relatively inexpensive.

Employee Security Awareness Training (SAT) is another important prevention step that business owners can take to reduce security risks.

3 Reasons to Replace Old Computers

1. Every PC older than four years can cost you over $1,700 per year, per device in maintenance, repairs and lost productivity, as compared to a new device.¹

2. Older devices lack the latest updates putting them at risk for cyberattacks and data breaches that affect more than 50% of small businesses.²

3. New Windows 10 Pro devices keep you protected and your employees productive–even on the go–with 25% more time efficiency³, 28% faster startup⁴ and a battery that lasts three times longer⁵ than an older device.

Source:
1) Pivoting SMBs to Buy PCs; Techaisle, 2015

2) Ponemon; 2016 State of Cybersecurity in SMB (USA); Canadian Chamber of Commerce, An Analysis of the Adoption of Internet-based Technology, February 2017

3) Forrester, Total Economic Impact of Microsoft Windows 10

4) Testing conducted by Principled Technologies in July 2015 in a closed lab environment using OEM factory default images on a representative sample of Windows 7 devices. Each boot test was run 10 times and the averages compared. Average improvement in startup was 28%.

5) Performance of 6th Gen Intel® Core™ processors in Windows 10 devices, estimated based on Windows 8.1 Local HD Video Playback Power, Comparisons based on Intel Core i5-6200U vs. Intel Core i5-520UM