You sit down at your desk, boot up your computer and are greeted with a message on your screen saying that you no longer have control of your computer, your files are locked, and if you want them back uncorrupted, you must pay a ransom. In a nutshell, this is ransomware at work.

In the beginning, ransomware attacks were directed at individual PC users. The typical ransom was $100 or $200 to get your personal data back. Then a very smart cybercriminal figured that if an individual computer user would pay to get their system unlocked, why not target businesses that can pay more? This endeavor was an instant hit with black hat hackers, and today the number of ransomware attacks is unknown and grows each month.

How to Protect Your Computer System From Ransomware

Cybercriminals rely on malware (ransomware) and some social engineering to gain control of your business system. The social engineering comes in when black hat hackers create an offer so spectacular you cannot afford to pass it up. It may come as a free white paper download, a free demo of software designed for your industry, or another nefarious trick that gets you to click on a link that gives the hacker access to your system. The attack arrives through an email solicitation or a visit to an infected website.

Once you click on the link in that email from an unknown sender or take a download from an infected website, your system is in the sights of the bad guys. But the very thing the criminals need you to do (click on a link or download from a website) is also where your company has its best protection: making sure employees refuse to do it. Here's how:

  1. Every employee, when hired, should be instructed never to open or download something from an unknown sender.
  2. Every employee, when hired, needs to have the dangers of downloading from an unknown website emphatically explained.
  3. IT departments need to apply security patches and updates as soon as they are received to protect your system. This extends to major programs such as MS Office or custom software you use. Many companies have employees use MS Office Viewers, so Word, Excel or other MS Office documents can still be viewed without being opened in the full program.

Even with these precautions in place, a business system may still be victimized by a ransomware scheme.

Should You Pay the Ransom?

Some businesses fail to take precautions, and for some companies, their efforts fail to deter a successful ransomware attack. If this describes you, should you pay the ransom?

The answer should be, "Of course not. I have a complete system backup and can restore my system in minutes!" But, sadly, even with so much malware known to exist, too many companies fail to keep complete system backups. So, while law enforcement may say not to, if it comes to a business decision, your company may feel it has no choice except to pay. In instances where ransom was paid, most of the time, the data or systems were returned. After all, if it came out that paying the ransom does not get your stuff back, no one would pay the ransom. It is good business on the part of the kidnappers to give your system and data back. One estimate is that a single gang of ransomware criminals collected more than $325 million in less than two years.

Can a Managed Service Provider (MSP) Help?

Yes! Small- and medium-sized businesses are already struggling to find time to keep their businesses operating smoothly. Maintaining IT departments is often more than a company can afford. Often, they turn to an MSP for help. The best thing about an MSP is that you only pay for what you use. If all you want is an expert at system security, an MSP can handle it; if you want more – say a full-service outsourced IT department – an MSP can handle that too.

RCOR Technologies is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at (919) 313-9355 or send us an email at tim@rcor.com for more information.