On January 19, 2017 Dell hosted a roundtable event at the Clift hotel in San Francisco to discuss ransomware and its effect on small businesses. Erik Day (VP & General Manager of Small Business Sales at Dell), Michael Kaiser (Executive Director at National Cyber Security Alliance), Brett Hansen (VP, Endpoint Data Security and Management at Dell) and Raj Rajamani (VP Product Management at Cylance) led the discussion covering topics from modern day ransomware attacks, who is being targeted to what procedures need to take place in order for small businesses to protect themselves.
The History of Ransomware
Rajamani discussed the history of ransomware and how it has evolved over the past couple decades. Ransomware began in the early 90’s as a bug that would infiltrate your computer and encrypt documents so the owner would no longer be able to access them. The attacker would then send a message saying that the files could be restored with a repair kit, which was essentially a decryption key. Kaiser added that the attacker would use the money he collected from these ransoms to fund AIDS research. In the early 2000’s a form of ransomware was used to infiltrate peoples computer and would pop up explicit images. A message would offer a way to rid this through a sms text costing about $15-$20. Modern day ransomware attacks will lock down IT systems and request bitcoins to unlock their system. Bitcoin is a cryptographic currency, which is largely untraceable. The rise of bitcoin has enabled attackers to go about business with minimal repercussions.
Small Business and Ransomware
With over 4000 daily ransomware attacks and the average ransom rising from $300 in 2015 to $800 in 2016, small businesses need to start taking action to protect their company from the exploitation of these attackers. Many small business owners don’t believe that an attacker would target them, and are often uneducated about cybersecurity as a result. In actuality the majority of cyber attacks are against smaller businesses as they are more easily infiltrated. Approximately 60% of small businesses that are breached will go out of business within the next 6 months. This is even a greater reason for small businesses to have a call to action plan in place in the event of a breach. Don’t assume that you are not an ideal target for an attack as the volume of attacks is skyrocketing year after year and anyone can be a target for an attack.
How to protect your business against ransomware:
- Document how your employees are accessing data and protect those endpoints from potential intrusions.
- Educate your staff on best practices with handling important data and accessing files from unknown sources.
- Make cyber security training an essential part of your businesses workflow.
- Update your Malware and cyber security software. Much anti-viral software is outdated and cannot protect your devices from new complex bugs.
Unfortunately, there isn’t an all-encompassing anti-viral software that will solve all your problems. Attackers are always engineering new and creative ways to exploit businesses and people for monetary gains. It is important that we get in the habit of maintaining our knowledge on the latest trends in cyber security and practicing healthy internet hygiene.