A disturbing new trend is emerging in the world of cyber attacks on businesses, and it could mean bad news for organizations across the board. In the past, companies may have been hacked and had data compromised or stolen. Or, perhaps their networks were infiltrated by a virus, and data loss and system downtime temporarily put a halt to operations. The latest evolution in attacks involves a slightly evolved bit of programming called ransomware, and it’s holding businesses ‒ and their data ‒ hostage.
What Is Ransomware?
In much the same way that users can unknowingly contract a more traditional virus on their computer ‒ from email attachments or unsafe downloads, for example ‒ ransomware is a tiny program that gains access to a computer or network by exploiting security weaknesses in the software. Rather than scanning and collecting information such as credit card information and social security numbers, ransomware locks down files and makes them completely inaccessible to users.
The only way for users or businesses to regain access to their own files is to pay a ransom ‒ usually in the form of bitcoins ‒ to the person or group holding the files hostage. The use of bitcoins is an essential part of the equation since bitcoin wallets are completely anonymous, and there is currently no way to trace a bitcoin wallet to a real-life individual. This keeps the attackers hidden, and it prevents them from potentially exposing themselves by trying to use a stolen credit card number or other personal information.
Where Are the Authorities?
When a person or business is being held hostage, the usual response is to involve the authorities rather than simply paying the ransom. The problem with ransomware, however, is that it is exceedingly difficult, if not impossible, to trace the attack to an individual. Plus, many businesses are worried about exacerbating the situation or sending a beacon to other attackers, letting them know that they’ve been compromised. In some cases, businesses simply do not want the attention that comes with an investigation and do not want their clients and associates to know they’ve been compromised.
For now, the authorities are spending most of their time investigating ransomware as a whole, while anti-virus and protection companies work hard to eliminate the weaknesses that are being exploited that make ransomware possible.
What Does This Mean for Businesses?
It is obvious that even the smallest business should take these threats seriously. Even a ransom of a single bitcoin ‒ about $426 ‒ can take a bite out of the books of a small business and make it worth it for attackers to target them. For most small- and medium-sized businesses, it’s simpler and easier to just pay the ransom than undertake the lengthy and expensive task of rebuilding systems.
Updated software and protection systems are essential, but this is not news. What may be the key to keeping attacks like these at bay is changing the mindset of business owners, from the sole proprietor to the CEO of a multi-national corporation. They must start making security part of the everyday conversation and keeping it part of the continual operation of the business rather than waiting to deal with it after an event happens.
In the same way that businesses with valuable inventories lock up their warehouses, make use of monitoring equipment, and employ security firms rather than leaving the door open and relying on insurance to cover the cost of theft, today’s businesses must do the same with their data and networks to stop the evolution and escalation of ransomware.