Insights from Rick Rusch, CEO of Secure ERP
What is ransomware?
Ransomware is a huge, worldwide business that is only growing in size. Less than 10 years ago, there were 80,000 cases, while today, there are 869,000 cases.
It is an automated theft of your assets. Typically, ransomware is found in key loggers to capture account credentials or found in botnets such as robots or drones. Your files become unreadable to you, unless you pay up. Yet, there is no guarantee you will get your files back.
Although ransomware has been around since the 80s, it was not until 2013 when criminals figured out they could use this process to capture someone's data and hold it for ransom. In 2015, Canadians were impacted with 1600 ransomware attacks a day, and in 2016, that number doubled to 3200. Frequently, ransomware cases go unreported, so these numbers only account for the known cases.
Currently, ransomware is the number one threat on the internet. In 2015, ransomware cost a total of $24 million USD. In 2016, this number jumped to $1 billion USD and in 2017, it topped $5 billion USD. It is projected that this number will quadruple by 2020.
These numbers are similar in ratio and scope all over the world.
What this tell us is ransomware threats are getting better and stronger. As business owners and individuals, we need to do our part to educate ourselves against ransomware using adequate proactive measures.
What are data breaches and how do they happen?
Data breaches are much more dangerous than ransomware. Once data has been breached, many regulatory areas require companies to disclose the breach, even if nothing gets lost. Ransomware, however, can be kept a secret if your company is able to combat the attack. Certain examples of data breaches are Uber's leakage of 20 million users' personal information and Equifax's breach which exposed the personal information of 147.9 million Americans.
Some data breaches can be caused by employees. A simple idea to download a free file sharing software to listen to music on your company's data system could cause a cybersecurity nightmare. This actually happened to a company, whose name prefers to be unknown, as the employee didn't tell the IT department that the download opened up the network to a third party, who copied patient data. As internal IT found out too late, they didn't plug the hole until after the damage was done. The owner of the company was fined a hefty amount and the company is currently out of business.
Another common way data breaches occur is from our willingness to give away our credentials online. Some websites masquerade as Facebook, LinkedIn and Dropbox to steal your login information and utilize that information to get onto your internal network. 80 per cent of hacking breaches begin with stolen or weak passwords, therefore it is critical to develop strong passwords and/or to use a password manager to protect yourself.
Common misconceptions about ransomware
If you've looked in the news in the recent months, you've likely seen ransomware scandals such as WannaCry and Cryptolocker affecting companies such as FedEx, Nissan and Cadbury. One important factor to keep in mind is it is not just the big companies who are getting attacked. Ransomware are landmines; they do not care about the size of a company. In fact, smaller companies get hit harder if they are faced with a large ransom and cannot afford to pay the substantial sum. It is more likely for bigger companies to bounce back from the ransom.
Another critical factor to consider is just because you have anti-virus protection software doesn't mean you are protected against ransomware. Oftentimes, the anti-virus protection software does not recognize the ransomware as an infection right away. It is not until numerous computer systems have been compromised and a signature has been created to identify the malware that the anti-virus protection software will recognize the ransom. At this point, it is much too late. Nonetheless, implementing an anti-virus software is undoubtedly better than nothing. Being 40 per cent protected is better than zero per cent, however you still need to take further action.
The third factor to consider is just because your company uses Apple computers, doesn't mean you are safe from ransomware. One of Apple's main selling points for their Mac computers is that they are not susceptible to the same viruses as Windows users are. Despite this, ransom criminals are getting smarter. As a Mac user, you are just as likely to be infected with ransomware so you, too, must protect yourself.
What is the difference between ransomware and data breaches?
As with ransomware, the criminal's ultimate goal is to make easy money. To attack a criminal business enterprise serves a low risk and a high reward. The difference between ransomware and a data breach is this: with ransom, you receive a note making you aware of the attack, but a breach stays hidden. Often, these breaches stay hidden for over 200 days before they are found, gathering information to exploit the company. Unlike ransomware, data breaches are labour intensive, requiring the expertise of hackers and hacktivists to break into a company's system.