Cyber Security

February 7, 2017

The threat environment for your computer systems and data has changed dramatically with the recent rise in ransomware style attacks. This type of malware, that encrypts your data then demands a ransom payment, emerged prominently in 2013 and has become by far the dominant malware platform. The IT Consulting department of McGee, Hearne and Paiz, LLP (MHP) has some helpful information to share with you regarding these ransomware style attacks and how you can protect yourself and/or your business. 

The IT Consulting department of MHP has worked with dozens of clients to battle ransomware attacks and recover encrypted data. As a result, MHP and our clients have experienced little to no data loss as a result of these attacks and a have had zero ransoms paid. That's not typical however, and the threat has grown dramatically.

IBM Security recently released a report on Ransomware. Here are some of the crazy statistics: 

  • Ransomware activity that holds your data hostage increased 6,000 percent in 2016 compared with 2015
  • 70% of business victims who were attacked had to pay the ransom because they couldn't restore their backups
  • 50% of those that paid, paid more than $10,000, 20% paid more than $40,000
  • Ransomware is on track to be $1 billion business in 2016, despite FBI and law enforcement recommendations to not pay the ransom
  • Ransomware is present in almost 40% of all spam (this number is now being reported as 80%)
  • When individuals are attacked, most ransomware gets over $300 per victim
  • More than half of the parents surveyed said they would pay the ransom to get back personal photos 

While not discussed in the report, part of the reason for the dramatic increase in ransomware, aside from the fact that it works and people are paying, is the recent rise of Ransomware as a Service. It is now possible to hire all the services needed to conduct a ransomware campaign without any IT skills or resources.

The lesson here is backup your data, then backup your backups. Most of those businesses that paid the ransom thought they had backups. When they tried to restore, they found out that (pick one): A - The disk was full, B - The backup job failed, C - The backup data got encrypted too, D - The backup media was bad, etc. etc. etc.  

The only way to be protected against data loss from a ransomware attack is to have restorable backups of good data. Because there are so many ways for a backup to be bad just when you need it, MHP recommends a 3-2-1 approach to safeguarding valuable data. That is, you should have at least 3 copies of your data, it should reside on at least 2 different media types, and at least one backup set should be stored off-site. 

If you would like help safeguarding your data against ransomware and other types of data loss, contact the IT Consulting department of McGee, Hearne & Paiz at 637-2660.