During the first week of June, according to CBC News, the University of Calgary became a victim of a ransomware cyber attack. A ransom note was left when the University first detected an encryption on their computer network. The amount requested for the method of decryption was $20,000, which was eventually paid to the attacker on June 7th, 2016. The encryption meant that their students and researchers would not be able to access any of their important files, so long as the ransom was not paid, in order to receive the decryption key.
Why are we writing about ransomware when most of our customers are typically Small and Medium Enterprises? The common perception, when speaking about ransoms and cyber attacks, is that this tends to only happen to large worldwide organizations. In reality, even though these small but growing companies aren’t normally targeted, attacks do happen and they are much more likely to suffer the consequences of an attack, since they are the most vulnerable. SMEs rely on out-dated technology due to budgetary constraints and cyber attackers know this. The standard rate of ransoms is about $500 but can go much higher, depending on the attacker.
Below we’ll dissect what ransomware is and what businesses, no matter their size, should be doing to do prevent a cyber attack from happening and from halting their operations.
What is ‘Ransomware’?
Ransomware is a type of malware that encrypts data on infected systems. It has the capability to lock files and allow attackers to demand payment (ransom) in order to release them. Unfortunately, ransomware is on the rise and is constantly evolving, making it a big threat to organizations of every size.
Cyberattacks are a worldwide issue, but it is more common in North America and Europe. The most prominent ransomware families include CTB-Locker, Cryptolocker, Torrentwall, Locky, TeslaCrypt and Cryptowall.
Fortunately, there are affordable and easy ways businesses can protect their data against these types of attacks. It’s after reading reports such as the one from CBC regarding the cyber attack that took place at the University of Calgary this month that makes our team want to fight these attacks that much harder and educate business owners on the methods of prevention. So here we go…
Preventing Cyber attacks
First thing to do is educate employees on what ransomware is and provide them with specific examples of what suspicious emails may look like. It’s extremely important to give them clear instructions on what to do if they do encounter a potential ransomware lure, such as not opening up attachments and saying something to a manager right away.
Next up, make sure the antivirus software on every computer is up-to-date to protect against identified threats. Unfortunately, as we mentioned above, since ransomware is constantly evolving, antivirus software can be breached.
This is where the third and final step comes in; implementing a Business Continuity and Disaster Recovery solution. A Business Continuity solution, like QBR, will allow users to restore the last version of a backup that doesn’t have encrypted files, if an attack were to happen. The company can then be up and running like nothing ever happened.
QBR takes snapshot-based, incremental backups as frequently as every five minutes. This ensures that your business has a series of recovery points for when a corruption does occur. The benefits of a solution this powerful is twofold:
- Companies do not need to pay a ransom to get their data back and continue operations.
- Companies can be certain that everything is clean and the malware is not triggered again by restoring their network to a point-in-time before the ransomware infected their systems.
Our customers, currently using QBR, treat this solution as their “insurance policy”; allowing their company to continue running even after a cyber attack, a flood, virus, or even hardware malfunction.
If only the University of Calgary had a Business Continuity solution…