
Two weeks ago I went to an appointment at a small medical office and was told their computers were offline.  Yesterday I got an email that their computers were (finally) back up and the cause of the issue was a ransomware attack.

Ransomware is a virus that encrypts data on computers, making it unreadable.  Unlike other computer viruses that steal information, the attacker usually is not interested in getting hold of the data, only in holding it for ransom until the money is paid.  No company or person is immune.  It is easy to be tricked into clicking a Web link or opening an email that contains the initial malware.  From there, the virus can often spread from computer to computer, resulting in the complete loss of company information.

According to leading security awareness vendor KnowBe4, downtime from a ransomware attack costs small businesses an average of $46,800, not counting the cost of the ransom.

As with other cybersecurity measures, the best preventative measure is employee education.  The Department of Homeland Security also recommends:

  • Backing up all data,
  • Staying on top of all regular computer patches,
  • Keeping your security solutions up to date,
  • Reviewing and practicing an incident response plan,
  • Paying attention.

While security measures can help thwart many attacks, staying safe also requires some luck.  There simply are no guarantees.

If you are attacked, your best recourse is restoring your data from uninfected backups.  According to a McAfee researcher, “paying ransoms supports cybercrime businesses and perpetuates attacks.”  Moreover, researcher Alan Woodward states that paying the ransom does not guarantee that your computer files will be unlocked.

Here is a link to a book with much more information on preventing and remediating attacks: Ransomware