The world of cybercrime is a scary one, but many businesses leave themselves unprotected against it because they think it won’t happen to them. They think they’re not big enough, not important enough, perhaps. Not wealthy enough.
Unfortunately, just as there are small and medium-sized businesses, there are cybercriminals who don’t have the skills or the confidence to take on the big firms. They are looking for people like you, SMEs getting on with your life and making a decent living, but not armed to the hilt with IT specialists and protective software. In that respect, you may be an easy target.
What these villains have in common is that they are what’s known as tech-savvy. This is a natural aptitude that is usually used for good purposes. These people are great at getting things done online, and nothing fazes them; they whizz through online applications with no problem, and if you’re having trouble setting something up or getting through to someone, you may call on some character you know – usually a younger person – to help you out.
There are what are called “white hat hackers” who are the good guys, able to get things done in ways that may even be bending or breaking rules, but they are doing no one any harm. Cyber criminals are these people’s unsavoury cousins.
What is Ransomware and How Does it Find its Way Into Your Network?
Ransomware is computer software that can be installed in someone’s system to prevent it from working properly. For many businesses, the way things are now, that effectively stops the business itself from working, which means no income and a damaged reputation. You’re being held to ransom without being kidnapped. If you don’t pay up, you may be finished in that business.
Ransomware can be sneaked into your system in various ways, one of which is phishing. This is where you may receive an email or text purporting to be from a company you have had dealings with and asking for “confirmation” of your bank details or other sensitive information. Attached to the message may be a file that, when opened, lets malicious software into your system.
Another means of entry is through websites you may visit or downloads you make.
Then there is outdated software. Keeping your software up to date is not only about being able to do new things; it is also about reinforcing it and plugging any holes that might make it vulnerable – this is known as patching. All software contains glitches, some of which only become apparent after the software has been in the public domain for some time. Updated versions address them.
All of these things seem perfectly harmless, and you won’t know what has happened until the trouble starts.
The Modern Ransomware Lifecycle: From Infection to Encryption
First comes the infection by one of the routes described above (but there are others too, as ransomware is becoming more sophisticated thanks to AI). Once the bug is in your system, it will begin to communicate with a command and control (C&C) server operated by a cybercriminal, which will send encryption software to your computer.
Once you’ve been infiltrated, other kinds of malware may be activated in a process called lateral movement. This enables the malware to move into linked devices, saving the invaders the trouble of breaking into something else all over again. If the invasion occurs in a cloud, many other sites could be at risk, and by the same token, even if you were not the original target, you could be affected at that stage.
You will have noted here the word encryption, which is usually regarded as a good thing in that it prevents other people from understanding your information, but this is encryption’s malicious twin, which can make your own information unavailable to you. That means someone else is in charge of your affairs, and even if they don’t do anything with that power, you cannot operate as before. What they will do with the power is demand money for its return to you.
Building the Defence: Essential Layers of Ransomware Protection
Every individual should have web protection, and although there are free ones available, they are free for a reason: they are not as robust as the paid-for ones.
For a business, this is even more important, and doing it yourself is not the way to go. You need to talk to a cybersecurity firm and buy software that they recommend as suitable for your business. A business owner’s first line of defence is their own IT department, but its manager’s strengths will lie in the running of the business. They will probably have no experience of cyber-attacks and no global perspective to draw on. Knowing your limitations is a valuable asset, as long as you make sure you find people who do understand the full implications of this new form of criminality.
The Power of Isolation: Why Air-Gapped and Immutable Backups are Non-Negotiable
The importance of backing up information has been drilled into us in recent decades, but the concept of the cloud and the idea that online backing up is what is necessary have led to a vulnerability that goes against the way we have been taught to think. Online information can be corrupted or wiped out at a stroke.
New terms such as air-gapped backups and immutable backups refer to a physical process that once seemed outdated. Putting your precious data on an external hard drive and keeping it under lock and key somewhere away from where you work can be an iron-clad solution. That is what is meant by an air gap.
An immutable backup is one that cannot be changed. While the ability to rewrite or amend documents is an advantage in many ways, an immutable backup keeps the data set in stone, as the saying goes.
Should you Pay the Ransom? Weighing the Costs and Risks
This is not a modern question, but a 21st-century application of something that has always troubled the victims of kidnapping and ransoms, and there is no overwhelmingly convincing answer. If you pay up, is that really the end of it? Will your system be unlocked so everything returns to normal? Or will the criminals retain some or all of the information to use against you a second time?
The only real answer is to do everything you can to not let it happen in the first place, and that means talking to an expert like us at Nerds 2 You and putting the best possible protection in place.




