CJS Associates: IT Solutions for the Office and Cloud

Cyber Extortion: Don’t Be a Victim

shutterstock_641443576
Business Continuity / Cyber Security

Cyber Extortion: Don’t Be a Victim

We’ve all seen movies where a couple of thugs in trench coats walk into a store, take a look around and say something like, “Nice place you got here, shame if something were to happen to it.” Many people might think the days of extortion went away with the end of mob-run New York and Chicago, but it’s still alive and well on the internet — in the form of ransomware.

To make things worse, as the world has been buckling down with the COVID-19 pandemic, hackers have been working overtime to take advantage of lax cybersecurity. But before we get into how to protect your company from ransomware threats, let’s see how we got here.

Understanding the Problem

For those unaware, ransomware is a form of computer virus that allows a hacker to enter your system and lock you out of every file and program you use. Then, out of the goodness of their hearts, the hackers give you two options: pay them a set amount of money or lose access to everything forever.

Ransomware has been around for decades (and we’ve written many blogs on the topic) but it has proliferated exponentially in recent years. The main reason for this is because it works. Merely stealing your information and then selling it can make them money, but not nearly as much as ransoming that same information to its rightful owner.

Over the course of just a few months (Q4 of 2019 to Q1 of 2020), Forbes magazine stated that overall attacks rose by 25%. Why such a rise? Well, it could have something to do with payouts also rising by 33% within that same timeframe. With that kind of increase, it’s no wonder why hacking is a growing industry.

Ransomware in the Age of Covid-19

When the pandemic started, many people began working from home. For many of us, working from home presents no problems at all, but for others, it creates a whole list of issues that won’t be resolved until their whole department can be back in the office.

This has especially been the case with IT departments. While it’s true that they can do a lot of their work remotely, sometimes they just need to be in the server room to do their job. And don’t think for a minute that hackers don’t know that.

With so many fractured IT departments out there, businesses have been getting swarmed with attacks. For example, the city of Florence, Alabama was attacked just a few weeks ago and said that paying the $300,000 demand was better than having its citizen’s information exposed and for sale.

Even more recently, Honda was attacked by a cybercriminal that actually ended up shutting down production. Ransomware is getting more dangerous by the day.

The New Frontier

The recent pandemic has taught us that we don’t need as many people in the office or even at the factory as we thought we did. Work can be done via automation or with remote workers and keep the business running. That means that our businesses can become even more efficient than ever before. It also means that if a hacker were to get into your system, the damage can be even more devastating.

With the way businesses are depending more and more on technology, your entire business can grind to a halt from a single bad decision someone took when opening the wrong email.

Lighting Can Strike Twice

Imagine your company has been a victim of a ransomware attack and the crisis passes. Perhaps you paid the hacker or were able to gain access to your system again some other way. Now imagine that life has gone back to normal until one day the unthinkable happens: you get hacked again with a ransomware demand.

Sadly, this is not a one-off situation. In fact, not only can this happen to a single business, but it can happen to multiple parts of an organization. One of the most famous examples of this is when a single school is hacked, then multiple other schools in the same district get hit with the same ransomware, one by one.

The reason this is somewhat common in the tech world is that organizations can have similar (or identical!) safety protocols across the board. It’s a lot less work for a hacker to work this way than to go search out other targets every time they want a hit. However, we all know one of the biggest reasons we’re unprepared is because we all think it can’t happen to us. The harsh reality is that’s what all the businesses who were hit thought too.

What Can You Do?

While it’s true that hackers are getting more sophisticated every day, the majority of their attacks are opportunistic. Hackers take the path of least resistance, so if they can enter your system by Carol in accounting falling for a phishing scam, or if your IT department did not update their protocols after a previous attack, they’ll take that route.

That’s where we come into play. By dealing with a company to work on your behalf, you don’t need to worry every time someone logs into your system. And why should you waste all that time? Any effort you put into protecting your system is effort that could have been spent growing your business. By having us go over your current system and helping you implement a better one, you stand a much better chance when the internet goons come for your data.