Ransomware is Bad News for Businesses and Organizations Big and Small

Should you pay a ransom for a ransomware attack?

How much prep work does a wannabe cybercriminal need to set off a ransomware attack?

Who/what are the targets of ransomware?

These are just some of the questions and topics explored in the recent 60 Minutes feature, Ransomware: How Cybercriminals Hold Data Hostage.

What is ransomware?

Ransomware is a cyberattack that encrypts your computer system’s data, rendering it useless. The criminals ask for a ransom amount, typically in hard-to-trace cryptocurrency, in exchange for decryption keys that will reverse the encryption process.

Ransomware is a serious threat to businesses and organizations large and small.

Credibility keeps the ransomware machine going

Should you pay a ransomware ransom if you get infected?

Some experts believe paying a ransomware ransom may actually be best if you have no other recourse.

Take Leeds, Alabama, for example. The cybercriminals asked for $60,000 and Mayor David Miller said they negotiated down to $6,000. He claims that payment got them keys to decrypt the files that were held hostage.

The City of Atlanta, attacked shortly afterward with ransomware, refused to pay the $50,000 ransom on their encrypted data. As a result, they had to pay millions in recovery.

“Honor” among cybercriminals helps keep the money coming in. If the decryption keys never worked, people would stop paying.

However, take note that there are many businesses who paid the ransom and either got useless decryption keys or none at all!

5 minutes to execute a ransomware attack

Slightly over five minutes: That’s how long it took Tom Pace, a guest security expert in the 60 Minutes feature, to log in to a ransomware-for-rent website and successfully attack and encrypt a test network.

Yes, five minutes.

Pace did not write a single line of code in the process.

Phone, devices, IoT

Cybercriminals target business and organizations of all sizes, from “little” Leeds, Alabama to “great big” Atlanta.

Hospitals, municipalities, large corporations, and mom-and-pop shops — they’re all fair game.

As more and more devices tap in to the internet, expect to see attacks on those as well.

This so-called IoT, or Internet of Things, could present many security challenges.

Imagine phones and other devices held for ransom… or used to control other devices.

Security forevermore

“Ransomware will be a fixture in the internet-connected digital world for the foreseeable future,” said Brian Walker. “Computer users and those who protect them must remain vigilant against existing and future threats.”

The best defense against ransomware is layered security. Since there’s not one single appliance or software that can provide an impenetrable barrier against threats, having multiple barriers can make it more difficult for attackers to get through.

The ultimate failsafe against infection is a solid backup and business continuity plan in place.

Even with the best security in place, a single user mistake or lapse in judgment can allow the bad stuff in.

“Indeed, user awareness will be a key weapon against cyberattacks,” stressed Walker.

“For a free ransomware/security consultation, Thrive can help. ”