Talk about a growth industry. According to the FBI, the amount of ransomware payments exploded from $24 million in 2015 to more than $1 billion in 2016.
Ransomware has been hammered into everyone’s consciousness this week because of the massive malware attack known as WannaCry that locked files on more than 200,000 computers across the world. Ransomware is a malicious piece of software that encrypts a user’s files then demands payment to unlock them.
Ironically, for as famous as the WannaCry virus has become, it’s turning out to have a fairly poor return on investment, at least in comparison to other attacks. As of Monday 15th May, hackers had made just $50,000 in ransom and because the payment was demanded in bitcoin even that amount is going to be difficult to convert to dollars.
Still, the fact that so many organizations and computers were infected shows the vulnerability of systems worldwide. And the criminals are getting smarter. They can now buy ready-made ransomware software from super hackers that make it possible for anyone with basic computer skills to launch sophisticated attacks.
Thinker offers managed IT services. We work with our clients to make sure their systems can survive a ransomware attack. The keys are:
- Back up your data! We set up a frequent and regular backup routine for data and make sure it is stored securely either on the network or in the cloud. These should not be directly accessible to the PC they backup in case that PC becomes compromised and starts encrypting its backup location.
- Patch and update: We work with our clients to make sure they install all automatic updates for all software on all devices, including security software, apps and operating systems. The Wannacry vulnerability was patched three months ago. Any PC which was compromised either didn’t have the latest updates, or ran an operating system which is now no longer supported such as Windows XP.
Of course, your IT firm can do only so much. Three things you should remember to help keep your computer or your company’s system secure:
- View email with suspicion: Most ransomware is delivered by email that instructs you to open an attachment or click on a link. IBM estimated that 40 percent of all spam emails sent in 2016 contained ransomware. If you’re not expecting it don’t open it. Consider using a service like Google GSuite, which pre-scans your emails and protects you when it detects an issue.
- Disable MS Office macros in Email: Document macros are the most common way to deliver ransomware. Make sure macros for email and documents are disabled by default. Do not click on an attachment directly, but save it, then right click on it and scan it with your antivirus.
- Lastly, consider moving to a cloud-based work environment, like Google Gmail and Docs, and using a Chromebook or Chrome-based PC. This will make it impossible to contract a Windows virus. Ninety percent of most people’s workload can be done entirely from the Chrome browser. It will also move the responsibility for backup to Google, who are infinitely better at it than any IT department or home user.