What Every Business Should Know About Ransomware

As the news broke that a Kansas braille transcription institute may lose years of files to a ransom virus, many organizations wondered if they too could fall victim to such an incident. Will their antivirus protect them against ransomware? If files are backed up, are they safe from attack?

Here’s how ransomware works. A user downloads the virus, either through e-mail or a website, and is confronted with a page that threatens some action unless the user pays up. Paying the fee often changes nothing, leaving businesses to seek professional help to resume use of their own systems.

Regularly updating software and antivirus programs, a business can prevent such an attack. An active firewall is also important to protect both individual systems and servers. Encrypting each desktop and laptop used by your business can also help protect against intrusion. In addition to this protection, businesses should also work hard to educate all employees on the importance of being careful when clicking on links and opening e-mail attachments.

If, despite your best efforts, you still find yourself being held hostage by malware, it’s important you don’t pay the fee. Not only is this usually ineffective, you’ll be giving your credit card information to someone who has already engaged in criminal activity.

In the event of an infection, you should disconnect the PC from network connectivity and reboot it in safe mode if possible. Run any antivirus protection software you have to try to remove the threat. If you can determine the exact type of ransomware, often you can find removal instructions specific to that ransomware on sites like Symantec.

It’s more important than ever that businesses keep all systems as updated as possible. If an attack does happen, however, save the money you’d spend on paying a ransom and pay an IT professional to look at your system. You’ll potentially prevent further damage and have your systems up and running quickly.

IT Security and Training reduce Cyber Attacks

Increase in cyber attacks cost firms nearly $50K per year 

Cyber attacks for reasons political, financial or fun have spread exponentially over the last year. Increased spending on security and training is doing much to stem the flow of information into the wrong hands. A Symantec survey of 1, 425 IT managers across 32 countries revealed that the $35 billion currently spent on it support services and security support is expected to rise to over $49 billion in the next three years, with many companies opting for security through cloud computing packages. With data breaches effecting even the biggest corporations (the recent hacking of Zappo comes to mind), everyone is taking security more seriously. The survey found that cyber attacks in 2011 cost companies an average of $470,000 in lost revenue, downtime and loss of brand confidence.

Cyber attacks include spam, viruses, fraud, data theft, vandalism and denial of service. A poll by Juniper Network had 77% of respondents saying cyber attacks are more frequent and severe than they have been in the past, while 90% of respondents claimed to have suffered a data breach in the last year.

The rapid increase of attacks comes as employees bring their own devices into the workplace. 29% of breaches in security occurred on tablets and Smartphones and 34% on employee laptop computers. As employees increasingly introduce personal devices into the workplace, security has to be installed and protocols established to secure sensitive data.

Companies who turn to IT consulting specialists and invest in security and training for employees suffer a far lower rate of security breaches. The survey revealed that top-tier companies who used IT consulting firms to bolster security and staff training benefitted from two and half times fewer attacks than companies who did not invest in security.

Downtime is by far the most frustrating consequence of compromised security. Here the advantage of investing in an IT consulting firm to provide security is self-evident. The companies which had not made adequate investments in security suffered 2 765 hours of downtime a year in comparison to the relatively few 588 hours that secure companies endured.

Not utilizing IT consulting specialists or investing in security and training means damage and downtime that is sure to cost more than the initial security investment would have. It makes financial sense to invest in protecting customers and data from cyber attacks. As more employees bring their own devices to the workplace, it is imperative to establish security across the board and protocols aimed at securing data on all devices.