You might think that being held to ransom is the stuff of movies but cybercriminals are attacking small businesses in an alarming and increasing rate with malicious software that can compromise data, lock computer files and demand some form of payment to decrypt it. According to McAfee Labs, ‘ransomware’ attacks are set to grow in 2016 following an increase of 165% over the previous year.
Cisco reported that some ransomware is being spread through emails from Microsoft telling recipients they can download Windows 10. The emails look official and have legitimate Microsoft email addresses but the only subtle difference is the sender is not from the US but from Thailand. If the unsuspecting recipient opens the message and its attachment, a message appears that will say the computer and its files will be held hostage until a ransom is paid.
Other businesses might have their entire computer system encrypted by a virus, locking every employee out of the files they need to run the business. An employee can easily be tricked into clicking on an email attachment that can infect a system with malicious software. And with the business essentially out of action, what choice does a business owner have when it could take the company’s IT department anywhere from 1 to 90 days to decrypt the files? Begrudgingly pay the ransom to keep the business on its feet or lose a lot of clients? But paying ransoms will only lead to more attacks from cybercriminals.
So how should businesses avoid being held to ransom? It’s absolutely critical that businesses operate their computers with continually updated antivirus software and a firewall. Install pop up blockers so employees don’t accidentally click on any malicious ads, always back up computer files in a separate location and stress the importance to your employees of being vigilant and never opening an email attachment until you have personally verified the sender.
As well as antivirus software, businesses can also make use of email security from your email provider. Email security suites will protect against spam and can scan for viruses and malware embedded in emails. There’s also the option for businesses to encrypt their emails as an added layer of security. Another option is a two-step verification process for your email so that you can maximise protection against a breach.
If you have been the unlucky recipient of being caught out by ransomware, turn to an IT specialist like Inspired who can deal with the problem and ensure your business stays in business.