What Is Ransomware?
by Commonwealth Financial Network
Imagine this: You open an e-mail on your work computer that seems to come from Google, prompting you to click a link to reset your password. But when you click, a mysterious .exe file downloads and launches. Slowly, all the files on your desktop turn into white paper icons, and the names of all your files turn into scrambled nonsense. What is happening here? Unfortunately, youâve probably fallen victim to a ransomware attack.
At this point you might be asking, "What is ransomware, and what can I do about it?"
Ransomware, as defined by Trend Micro, is âa type of malware that prevents or limits users from accessing their system . . . unless a ransom is paid.â Although the term may be new to you, ransomware attacks actually happen every day. In fact, according to Kaspersky Labâs Securelist, 2.3 million Internet users encountered ransomware between April 2015 and March 2016, and Intel Security reports that the volume of attacks grew by an astounding 169 percent in 2015 compared with 2014.
In the event that a ransomware attack happens to you, itâs likely that something much like the scenario mentioned above will unfold. To help you visualize, though, Figure 1 provides an example of what you might see on your computer screen:
So, do you pay the ransom or simply wait for the countdown to end? Before deciding, you might consider taking the following steps.
Research solutions. By searching online, you could stumble across a free tool that can decrypt your files. But keep in mind that the chances of success are extremely slim. Even if a solution to a previous type of ransomware is available, attackers learn from their mistakes and would likely have used a more advanced form of the scheme on you.
Call law enforcement. You might get lucky, but donât count on it. Thereâs very little that the FBI, for example, can do to resolve an individual ransomware incident. But reporting the crime can help put it on the authoritiesâ radar, so they can work on a solution for future cases.
Now, it all comes down to two choices: either you pay the ransomware fee or you donât.
You calculate that one bitcoin is $671 (at the time of this writing), which isnât so much if it means saving your practice and all your clientsâ financial plans. You hit the Next button and follow the instructions to pay your attacker. What happens now?
Outcome 1: You get your files back. Time to celebrate? Not so fast. From the cyber criminalâs perspective, he or she just found a paying customer. Now youâre a prime target for another ransomware attack.
Outcome 2: You donât get your files back. Remember: you have no leverage. No one is forcing the criminals to hold up their end of the deal. Even if the attackers are âhonorable,â you can never be sure that the ransomware will keep your files intact. So if this is your outcome, youâve lost all your data and $671.
Maybe you think the attacker is bluffing. (Hint: If you canât access your files, the attacker isnât bluffing.) Or maybe youâve decided that the price tag for your data is too high.
Outcome 1: Youâre granted a time extension . . . and a price change. Some attackers penalize you for waiting up to their deadline and then not paying. They give you a second chance but increase the ransom. Others realize that you wonât take the bait, so they cut you a deal in an attempt to take what they can get. If so, youâll be back to deciding between Choice 1 and Choice 2.
Outcome 2: You donât get your files back. On the bright side, you didnât contribute to one of the worst cyber threats weâre facing today. Plus, those attackers wonât see you as a receptive victim. Itâs only common sense to leave you alone in the future.
In the end, itâs your decision. It all depends on how much you think your data is worth, as well as how much you trust that the attackers will stick to their end of the bargain. To give you some insight into the choices others are making, a recent Symantec report finds that only 3 percent of victims pay the ransom. The rest opt for Choice 2.
Fortunately, there are three relatively simple precautions you can take to prevent such a costly scenario.
1) Back up your data regularly. Letâs say that you back up your files every Sunday. If you receive a ransomware threat onâworst-case scenarioâa Saturday, youâll lose only six daysâ worth of data. If you would like to start backing up your files, youâll have to take the time to devise your own schedule and method. When establishing a backup plan, remember to keep these two things in mind:Â
- Regularly test your backups. Youâd be surprised how many firms wait until an attack before they restore a backup for the first time, only to find that it doesnât work!
- Store your backups in a secure location separate from your main computer. If backup media is connected to your system during an attack, your backup data could be targeted as well.
2) Keep all eyes peeled for phishing. Approximately 91 percent of cyber attacks start as phishing scams, according to Wired. When checking e-mail, remember to:Â
- Hover over all links to verify that theyâre safe
- Avoid clicking links whenever possible by typing URLs directly in your browser
- Delete any suspicious e-mails (If youâre in doubt, just delete them.)
Best practice is to keep your whole business aware of phishing attempts. No matter what technical controls are in place, if only one user on your system falls victim to a new type of phishing attack, your whole firm may have to deal with the consequences.
3) Update your systems ASAP. Attackers know the vulnerabilities of yesterdayâs technology. The longer you avoid regular updates, the more time attackers have to exploit those vulnerabilities.
Most of us have a normalcy bias. We rationalize, âBecause this disaster has never happened to me, it will never happen to me.â Itâs easy to think this when most of us havenât fallen victim to ransomware. But, as attacks are on the rise, the probability of being a victim is only increasing. If the day comes when it does happen to you, will you have a plan in mind for handling the situation?
Have you ever fallen victim to a ransomware attack? Do you regularly back up your data? Please share your thoughts with us below.
 Commonwealth Financial Network is the nationâs largest privately held independent broker/dealer-RIA. This post originally appeared on Commonwealth Independent Advisor, the firmâs corporate blog.
Copyright © Commonwealth Financial Network