Be Prepared 2020 Foresight Promotion
Cryptoware is really nasty and will encrypt your files and you will have to pay a ransom to get the decryption key from the attacker, if they send it. Even though you pay, one out of five never get the key and their data is gone for good – pictures, Word files, financial documents, music, and video are gone.
BACKBLAZE estimates that 5% of businesses from large to small have gotten hit with ransom ware. That 5% number brings up an interesting question. Don’t these organizations have really expensive firewalls and antivirus on the desktop? The answer is yes, they do. However, there are a couple of reasons why Cryptoware get’s thru.
Cryptoware can get through an antivirus if the criminals can change it just enough so it is not recognizable to the program. When that happens, it is called a Fully UnDetectable threat, and so it slips through. There is software to deal with this issue other than antivirus.
Cryptoware can use zero-day exploits. These exploits are unknown coding errors, in the operating systems that hackers have uncovered, and are used to gain access. That is why you always hear, “Make sure to have the latest security updates on your computer.” These updates are to patch new found exploits.
Cryptoware makers also use social engineering to get you to click on the ransomware link. So, for example, if they were able to fake an email from your supervisor, you most definitely would open it, not knowing it was fake. The email would have a link to a file location to a document they want you to review. The document they want you to see is not a document but the ransomware. That happened to one of my companies.
The best defense against Cryptoware is the Disaster Recovery plan. When Cryptoware hits an organization, it spreads quickly locking out users and files. So, this is a Disaster Recovery situation and what is the plan? Where are the backups you need to wipe and reload the systems? How long will it take to restore and what software does the organization have in place to help with the recovery? These are simple questions to ask to start the planning process, however many companies and individuals do not. If you have backup, you have options, but no backup no options:
In 2017 BACKBLAZE conducted a survey for computer data backup frequency and these are the results:
- Never 21.2%
- Yearly 26.3%
- Monthly 15.6%
- Weekly 12.2%
- Daily 9.3%
According to a ZDNet article, posted in 2016, “The majority of Organizations which have become infected with ransomware will give into the demands of the cyber criminals for reasons ranging from the importance of the encrypted data to the perceived low cost of the ransom payment.”
If these organizations, had a well-thought-out backup solution and recovery plan, it all becomes a moot point. However, as long as, 21.2% never backup there will always be business for Cryptoware makers and people will lose data and money.
In January 2020 Windows7 and Windows2008R2 will go off support from Microsoft. Windows will still work, but will not get security updates sent out. Large businesses that still rely on Windows can pay Microsoft for a few years more to have these updates. However, the large majority of Windows systems will be at risk for zero-day exploits that will give Cryptoware a way to infect Windows7 and Windows2008R2 systems.
Visit ArnoldConsulting specials page where we are running the 2020 Foresight Promotion. We believe losing your data is not an option, and we can fix that. Have questions about computer stuff – we love questions call us or email us. Our email mailing list, is at the bottom of our web pages so please join our community. We will send our blog post, and email specials on computer software and hardware.