Ransomware: Are you at risk?

The Ransomware attack called "WannaCry" has spanned the globe over the last couple of months and has been dubbed an epidemic.  Major corporations such as Britain’s National Health Service, reported infections in at least 36 hospitals across the country according to the New York Times.  Others affected include Nissan Motors, FedEx, the Russian Interior Ministry, and Hitachi just to list a few.  Over 400,000 computers in more than 20 countries have reported the infection.  It has mostly slowed down now but is expected to re-launch in the coming months.  The impact of how simple it is to infect hundreds and thousands of computers world wide is startling.  

Here are some common questions we have been asked:

"What is Ransomware?" -  Ransomware is a virus that encrypts every file on your computer and quickly spreads to any other computers it can see on your network.  The encrypted files are held "ransom" and to get they key to unlock them you have to pay $300-$600 in bitcoin per infected computer.  And on top of that the price goes up the longer you wait.  Some small businesses just throw out the encrypted devices and start over, some pay the ransom, and some spend days or weeks rebuilding computers and restoring files from offsite backups if they have them.  In any circumstance, the damage to the business is substantial and could be catastrophic.

 "Since I'm a small business, I'm not a target right?" -  That is incorrect.  Every computer using the internet or accessing email has the same risk as any other computer.  Whether it be personal or business, these attacks are real for everyone.

There are 2 ways Ransomware is spread. 
1. Through Compromised Websites.  Unsecured web servers are compromised and by using internet browser exploits an installer is embedded into the website.  Simply browsing to the website can infect your computer and quickly spread throughout your network.

2. Through email phishing.  Sending email to addresses purchased or scraped from websites is the #1 way Ransomware is spread.  The emails are made to look legitimate and are extremely well designed.  Looking like an invoice, tracking for a shipment, or Apple account on hold notifications, they can trick even the most cautious user.

All businesses, especially those without trained and experienced IT staff are at risk. 

"How do I protect my business?" - Hiring an IT company with experienced and trained technicians is a must.  Your IT provider should be monitoring your Windows Updates to make sure you have the latest security patches on all computers and servers.  You should have some level of SPAM filtering on your email and you should have a monitored and managed business grade Anti-virus on all computers and servers.  Offsite backups should be performed so that they cannot be encrypted if you are infected and your firewalls should be up to date with the latest firmware and proper intrusion detection and packet inspection being performed on inbound and outbound traffic.

The single most import thing you can do to protect your business is TRAINING.  Make sure your staff know the risks, explain how important it is to not use their work email addresses when signing up for anything online.  Never open an attachment on an email unless you are absolutely certain that it is legitimate.  When in doubt contact your IT provider for review before opening.  

Even with these safeguards in place it is still possible to get infected by clicking on an email attachment.  If you fear you are infected, unplug your computer immediately and contact your IT provider.  Do not turn it back on without their assistance.

If you would like a free risk assessment of your IT environment or have any questions about your security, please contact us at: info@bluegrasscomputers.com or 859-363-6999 and we will schedule a site visit and discuss how we can help protect your business.  You can visit our website for more information about our company and services: www.bluegrasscomputers.com