Close this search box.

The Scary Truth About Ransomware and What You Can Do About It

Pirate flag with red background on laptop.

ALERT: Please be advised that there is a marked increase in ransomware attacks against businesses nationally.  As you may have seen, this issue recently made headline news, with a high profile attack on Hollywood Presbyterian Medical Center in Los Angeles.  A number of police departments around the country have also been targeted.

The Reality of Ransomware

According to Smyantec’s 2015 data, the US was one of the top ten countries being attacked, and the volume of both computer locking and data encryption attacks was significantly higher than in any other nation. Estimates indicate that as many as 100,000 new computers are getting hit daily, which is making it impossible for government enforcement agencies to keep up.  Hackers are casting very wide nets because in many cases – about half – the victims find it more cost-effective to just pay the ransom and get back to work.  In some cases, the FBI has advised businesses to just pay the ransom, saying that the ransomware is “just that good.” As they continue to be funded by collecting ransoms, the ransomware strains – like Cryptowall, Cryptolocker and the newest one named Locky – are becoming increasingly complex and impossible to contain, in addition to being increasingly profitable for the hackers using them. With the prominence of this issue, we have put together a basic overview on what it is and what you can do to avoid becoming a victim.

What Is Ransomware?

Ransomware is a type of malicious software (malware) designed to block access to a computer system until a sum of money is paid.  In some cases, access to the computer is blocked (Locker ransomware), in other cases the malware acts to encrypt all of the data on the computer (Crypto ransomware).  Basically, your data and/or access to your data gets kidnapped.  Hackers will then send instructions on how to pay a ransom demand in order to have access or data restored.

How Does It Get Into My Computer or Computer Network?

Ransonware is typically spread through phishing emails that entice the user to open infected attachments, or click on infected links.  Hackers are using very sophisticated social engineering tactics, creating a sense of urgency and/or fear around the need to take action (to click a link or open an attachment) NOW. The tactic known as “drive-by” downloading is when users are lured to a compromised website by a phishing email or a simple pop-up window.  In this case just landing on the site is enough to allow the ransomware access. Even if a malicious link is opened on a single computer within a network, these viruses have the ability to infect not just that hard drive, but also any external or shared drives to which the computer has access.

What Does an Attack Look Like?

It varies, but it’s common for victims to have their computer screen freeze up and get a pop-up message that indicates that some sort of federal law has been violated and that the computer will remain locked until a fine is paid.  Other fake warnings include false claims that the system has been used for illegal activities, contains content like pirated media or pornography, or that it runs a non-genuine version of Windows. The goal is always payment, so in some way, shape or form victims will receive a message that coerces payment in exchange for removing the malware.

What Can You Do If You’ve Been Hit With Ransomware?

For businesses that don’t want to pay the ransom, data recovery from backup is the only restoration method available after a ransomware attack.  This highlights just how critical it is to have sound, regular backups running.  If you don’t have backups management or aren’t sure if your backups are working properly, this should become a top priority.  As we have seen with many of these ransomware attacks, businesses who are unable to restore the corrupted data through their most recent backup are being forced to pay the ransom. The hackers facilitating these ransomware attacks have made it fairly easy to pay the ransom, even providing customer service support in some cases.  The most common form of payment seems to be Bitcoins, and they provide victims with information on how to purchase and transfer them.  Hollywood Presbyterian Medical Center, for example, was forced to pay 40 bitcoins, or about $17,000. The ransom is for the purchase of the key that is needed to decrypt the files that the virus encrypted.  Often the hackers will provide victims with a countdown clock to a time when the ransom will double, or when their information will be permanently destroyed.

What Can You Do to Avoid a Ransomware Attack?

Because ransomware is typically spread through phishing emails, the best defense against them is constant vigilance on the part of all of your end-users. Be suspicious of any unknown links, unsolicited or unexpected attachments in emails, or “too good to be true” offers that tempt users to click now.  Even be aware of emails that appear to be from known contacts but maybe the email formatting is incorrect, the subject or the actual request within the email are suspicious, or you weren’t expecting to receive an attachment from them.  Most importantly, always stay in control of where you land on the Internet by avoiding clicking on unsolicited links on websites or in emails. For anyone in a business, we strongly recommend that you to circulate this alert to all end-users in your office, reminding them to THINK BEFORE YOU CLICK.  Hackers are using very sophisticated social engineering tactics, meaning awareness really is your best defense. Remember that your strongest defense against these ransomware attacks – or any kind of malware or phishing attack – is education and vigilance by your end-users. But your ONLY absolute fail-safe is to just assume that you are going to get hit with it one day and put good data backups in place.

Ready to Talk About a Better Data Backups Solution?

We can help.  Because if your idea of a modern, sound backup solution for your business is a weekly tape backup, it’s time to upgrade.  Even if you’re just not sure whether or not your nightly backups are actually working, it’s good practice to evaluate the process and ensure that you are protecting your most important business asset – your data. 

Corsica Technologies
Corsica provides personalized service and a virtual CIO (vCIO) who serves as a strategic advisor. When it comes to the complex integration of solutions for IT and cybersecurity, the whole is greater than the sum of its parts. We offer cybersecurity solutions, managed services, digital transformation, resale services, and one-off technology projects. Corsica unifies any combination of these services into a complete, seamless solution.

Related Reads

EDI Transactions and Document Types - Corsica Technologies

EDI Transactions: What It Takes To Win

EDI transactions are the lifeblood of processes like order placement, shipping, receiving, claims processing, and more. Across numerous industries, these transactions keep things moving in a way that no other technology can. In fact, you could say EDI solutions make

Read more
EDI 856 - Advance shipment notice - Corsica Technologies

EDI 856: Getting Your Advance Shipment Notices Right

Shipping and logistics get complicated when you have sensitive products and limited warehouse space. How do you ensure the warehouse is ready to receive a shipment—and ready to handle time-sensitive products appropriately? An EDI 856 document solves this problem. This

Read more
Cloud Data Integratoin: Power vs. ease of support - Corsica Technologies

Cloud Data Integration: Power vs Ease Of Support

It’s essential for cloud systems to talk to each other. If they don’t, data can become siloed, without widespread availability across the organization. But cloud systems introduce their own complexities that are different from on-premises systems. How do you choose

Read more

Sign Up For Our Newsletter

Stay up-to-date on the Managed Services and Cybersecurity landscape, and be the first to find out about events and special offers.