Don’t Let Your Organization Become a Statistic

If you know someone whose organization does not have an active anti-malware strategy, please share this article. If you’re not confident that your own organization has one, read on.

If you’re not already familiar with it, ransomware is a type of malware. It prevents users from accessing data. Typically, a user clicks a browser link or an attachment in an email. They launch a file that attempts to spur them into downloading something, freezes their screens, or encrypts the data on a system. The attacker, using encryption, holds the data or the system “hostage” until you pay them a substantial sum in Bitcoin, ranging from hundreds to as much as hundreds of thousands of dollars. The ransom increases as time passes and at some point, you may be permanently blocked from data recovery.

Ransomware impacts or destroys organizations every day. In a report by CyberSecurity Ventures, the cost of ransomware damages is said to exceed $5 billion in 2017. The WannaCry ransomware attack alone is projected to cost over $1 billion. A Twitter bot even monitors three Bitcoin wallets associated with WannaCry.

How does a ransomware attack happen?

What if My Data Is Backed Up? What’s the Big Deal?

Backup is a requirement, but backup alone isn’t good enough. You also have to restore your system, which may require “nuking” a device—returning it to factory settings without your software and data. This can mean as much as a day or more of downtime. But that’s not all.

Ransomware Encryption Violates HIPAA

The US Department of Health and Human Services has stated that the simple act of encryption, regardless of exfiltration, is presumed to be a breach because it is an “acquisition” of electronic protected health information (PHI) and thus is a ‘disclosure’ not permitted under the HIPAA Privacy Rule. A medical practice must inform their customers if PHI could have been compromised, and if over 500 health records were involved, then the practice has to tell the media. The average security breach for a healthcare organization costs more than $810,000.

Ransomware Hurts Educational Institutions Too

FERPA and CIPA are regulations that protect personal data for students, parents and faculty. While the penalties and disclosure requirements for malware attacks on this data are not as black-and-white, the cost to recover data and restore systems can be painful for a district or institution’s budget to accommodate. An attack could even result in federal funds being withheld.

Advice on Preventing Malware and Ransomware Attacks

Smaller organizations are not immune; as we said last month, most ransomware attacks are passive, not targeted.

  • Individually, be careful what you click on. Ask yourself: Do I know who is sending me the email? Is the email from the right email address? Am I checking my personal email on my work PC?
  • If you are responsible for IT, engage preventative security services as “vaccines” for your business. Do you have a recommended and managed anti-malware service? Anti-virus service? Have you deployed a web filtering service to prevent users from inadvertently clicking on suspicious links? Are your organization’s email attachments being inspected by a ransomware detection service? (For example, Microsoft’s Advanced Threat Protection)
  • Backup and recovery requirements. Does your disaster recovery solution include backup, replication, or both? How frequently do you check your backups to ensure they work? How many restore points are available and at what intervals? How fast can you retrieve your data from your backup instances? Do you have a local failover plan in conjunction with an offsite encrypted backup?

Take a Proactive Stance

The affianceSUITE family of services (affianceSUITE SMB, affianceSUITE FI, and affianceSUITE EDU) enables organizations with limited or no IT resources to delegate critical security and support tasks so they can focus on serving their customers and adding value to their business. Take advantage of a sophisticated, layered security model that detects and stops threats.