Cyber-ransom is increasing globally. How would you deal with a potential threat that will affect companies, and millions of people’s cyber data and assets?
Cyber-extortionists have been around since 1989. Miscreants hold your data hostage compelling individuals or organizations to pay some kind of ransom to retrieve data or suffer the consequences. It is just like waking up on a great day and discovering a red background with a message on your computer which displays: “Private Key will be destroyed on…date and time…” Or on another device that can access internet, like on an Ipod, which would display: ” No Service” on the screen plus a message like “Hacked by name of hacker. For unlock device YOU NEED…some kind of ransom amount to a payment system.” Won’t that make you a nervous wreck?
The thing is, this type of cybercrime is increasing in America though it was contained in some parts of Europe and Russia. With the creation of CryptoLocker, this spun as one of the most treacherous types of ransomware. It takes the personal computer data hostage and urge the user to pay a ransom amount via a payment system like PayPal or pay with Bitcoins. Not paying within the deadline may make you pay a larger amount of ransom. But it is a different case scenario when a hacker is involved and threatens to delete valuable data if ransom is not paid.
Just recently a company, Code Spaces fell victim to this hacker and totally destroyed their business driving them to bankruptcy within 12 hours for not paying the ransom. The company mainly used Amazon Web Serices (AWS). Everything was on the cloud. Even with dense security and updates, the hacker got control of their AWS control panel. He called and demanded money to release control back to them or else he would destroy the company’s digital assets. It is quite a shock to know that security has been breached. They tried to regain control of their AWS control panel but the devious hacker detected their actions and began deleting a huge quantity of data and backups which was impossible to retrieve.
If you find yourself in this situation, how do you respond to this?
Are you going to pay the cyber-extortionist? Paying cyber-extortionists only encourages them to repeat what they have done to other vulnerable companies or individuals. Educating the company’s senior management about the new trends of cyber-ransom attacks will tell them that there is real threat lying around waiting for their moment to shine and don’t say you didn’t warn them.
Discuss within the management of how to respond to such a threat. It is a good way to start a dead serious discussion of risk management within the company. You also want to ask the management if the company has an insurance coverage to cover data ransom incidents.
Stay safe always by avoiding opening phishing emails or from websites that warns you of malware attacks. Backing up your important files on a separate source, updating antivirus software or change passwords from time to time making it difficult to compromise. Never use the same password for more than one account.
It will make it easier for the hackers to invade your personal stash of data.
How to Stay Safe: Hackers have many tools at their disposal that can attempt “dictionary,” “brute force,” or “rainbow table” attacks that make cracking a weak password a piece of cake. You should change your passwords periodically and consider using a password manager tool (which keeps them encrypted) like LastPass or PasswordSafe. Create a long (10 digits or more) password comprised of lowercase and uppercase letters, numbers and special symbols ($%*), and don’t use the same password for more than one account.
Invest in a Business Continuity service: CITOC provides business continuity services. Our business continuity solutions takes regular backups of your data and securely stores them onsite or in the cloud. This allows for almost instant recovery if an event like what happened with Code Spaces would happen to your business.
Have questions about your IT security? Do you have a proper business continuity solution in place? Not sure. We are here to help. Call (713) 490-5000 or drop us an email at firstname.lastname@example.org. We can help make sure your data is protected, ALWAYS!