He’s Not Actually a Prince from Nairobi…
Let’s be real: we’ve all clicked on something we weren’t supposed to before. Sometimes it’s an ad teasing the release of a video game you’ve had your eye on, maybe it’s a paid link in a recipe article. We love to click, that’s why we’re on the Internet, but sometimes, a click can be dangerous.
Yes, I’m talking about ransomware. How often have you gotten an email promising a free vacation, a new car, or some other ridiculously amazing prize? Maybe you know not to click on it, but rest assured that plenty of people click with abandon. You want that free vacation to Sicily, Brenda from HR? Of course you do. Well, now you’ve lost all of our company data to some hacker who probably hasn’t even gotten dressed today.
But let’s not keep bagging on Brenda. (Even though, come on, you’re old enough to know by now that there’s no such thing as a free lunch.) Not everyone is an IT enthusiast like you and me. And, the truth is, cyber security issues and risky clicks are going to happen. It’s up to you to protect your company. I’m here to help.
What is Ransomware? What are the Risks?
Ransomware is malicious software that blocks access to your computer system and then holds it for ransom until a large sum is paid. Cyber attacks like this are nothing new (Hello Prince Alderdeen of Nigeria!), but in our current day and age they’re far more sophisticated than you may be used to.
Ransomware attacks often happen to businesses and companies that fail to enforce or follow strong cybersecurity frameworks. This includes:
- Choosing strong, hard-to-guess passwords
- Providing employees with security awareness and education
- Updating operating systems and hardware
- Using access management controls
The worst part? Paying your ransom doesn’t even guarantee that you get your information back. They’ll keep your money AND your data. And you’ll just be left wondering if Brenda would like an early retirement (ok, ok–last time I talk about Brenda, I swear).
How does Ransomware Work?
It goes something like this: an email with a link is sent to someone in your company’s inbox. They click on the link and, suddenly, they can’t even use their computer. The screen is completely frozen.
From there, it only takes a few minutes for the software to encrypt all of your files. One of the fastest forms of ransomware, a software called LockBit, took a median time of just 5 minutes and 50 seconds to encrypt 100,000 files. That’s pretty fast!
Preventing ransomware attacks is much easier than stopping them once they’ve started. As soon as you click the link, the ransomware catches like wildfire — quickly touching and encrypting every file it can get its hands on in your system.
Three Kinds of Attack Vectors You Need to be Aware of
Cyber criminals use methods known as attack vectors to find vulnerabilities within your system to exploit.
The first step to protecting your business from ransomware (and other cyber attacks) is to understand what these attack vectors are and how they work. Then, you can implement cyber security measures that will prevent them — keeping you, your employees, and your data safe.
Here are three attack vectors you should be aware of, with real-life examples to inspire you to beef up your cybersecurity systems.
If you have an email address, it’s almost certain that you’ve received at least one phishing email. Most of the time, these are easy to spot because they look, well, fishy.
In this attack vector, the cyber criminal will embed a link within the phishing email that will then install the ransomware on your computer once clicked. As we say, click happens. Take, for example, the case of the Crelan Bank in Belgium. In 2016, cyber criminals compromised a high-level executive’s email account and were able to send a series of emails posing as the company CEO. Their ransom? $75.8 million.
The best defense against phishing emails? Employee education and training! Embed cybersecurity into your employee onboarding process, and provide at least yearly training for employees to keep them up-to-date on the latest tricks and tactics cyber criminals are using.
Open Remote Desktop Protocol Ports
A remote desktop protocol, or RDP, is a portal that allows users to access a computer from a different location. It’s a feature that’s actually built into the Windows operating system. It’s a useful tool for IT professionals, especially in a work-from-home world, that allows us to help team members solve their computer problems from anywhere.
Unfortunately, if the RDP is configured incorrectly, it can leave companies wide open to cyber security attacks and ransomware. For example, in 2020 Honda was the victim of an RDP-focused ransomware attack.
If your company is currently using an RDP that’s open — don’t freak out. You can disable it. Start by talking to your IT team, or check out this guide.
Employee Error & Lack of Education
Making mistakes is an inherently human quality. To prevent employee error, and protect your company from ransomware, invest in your team members’ education. You would be unpleasantly surprised to discover just how much damage can occur as a result of, say, an unsecure password.
Yes, I know you’ve been using the same password for 10 years because it’s the only thing you can remember. And that it’s written on a sticky note next to your bobblehead collection. Please don’t do that. Take, for example, the cybersecurity attack that took down one of the largest oil pipelines in the US. In 2021, a hacker was able to gain access to the networks of Colonial Pipeline Co. They were able to gain access through a Virtual Private Network (VPN) by uncovering an old account’s username and password in a data breach.
If you were driving in the U.S. during spring 2021, you probably remember the results. Colonial ended up paying a ransom of $4.4 million.
You Can Protect Yourself from Ransomware. We Can Help.
The answer? Cloud storage!
At Wasabi, we offer a cloud-based storage solution that protects your data. This includes Object Lock, a data protection feature wherein a user can designate certain files to be immutable — meaning the files cannot be altered or deleted by anyone, not even an administrator, for a set period of time.
Immutable storage, used in conjunction with a comprehensive backup strategy, can save you from the cyber criminals trying to hold your data for ransom. Our immutable buckets and support for S3 object lock helps you fight back, ensuring your data’s security and integrity.