Ransomware is something that many small and midsized businesses (SMBs) need to watch out for. It’s not just a problem for the big companies anymore. Many smart SMBs know that data is the new oil. Since data (like oil) is a precious resource, it must be protected like any other asset. Because data is so valuable, many hackers are trying to get their hands on it.

Therefore, companies must make an effort to protect their data at all costs. The good news is that there are some easy ways to fortify your business so that you are not the low-hanging fruit for hackers. One of the easiest ways hackers can take advantage of you is by sending you malware. Sometimes this takes the form of ransomware.

What is the Layman’s Definition of Ransomware?

According to the United States Computer Emergency Readiness Team (US-CERT), ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Let me translate that: it is software that controls your data until some form of currency is paid. Ransomware is most commonly spread by email or through an infected website. There are several types of ransomware that you should be wary of, and I’ve highlighted some of the most common ones.

Different types of Ransomware to keep an eye out for:

  1. WannaCry ransomware dealt a lot of damage to businesses back in 2017 with its ability to spread itself across their networks by exploiting critical vulnerabilities. These vulnerabilities were specific to Windows computers, and Microsoft patched them in March 2017. Although Microsoft addressed this, it’s a good idea to be wary of WannaCry’s capabilities because there will be more ransomware like it in the future. The WannaCry attack, which targeted thousands of computers around the world, encrypted 176 different file types and added “WCRY” to the end of each file name. The ransom note asked each person to pay $300 in bitcoins to get rid of WannaCry. If the ransom was not paid, the files would all be deleted.
  2. Lockers are known for infecting your operating system and files with the purpose of locking you out. Until you pay the ransom (typically $150-$300), you can’t access anything that is infected. The infection can be severe enough to lock you out of your computer completely. Locker ransomware is actually a variant of a nasty form of ransomware called CryptoLocker. Locker scours your computer and encrypts the files with something called AES, which is impenetrable for anyone who isn’t extremely experienced.
  3. Scareware is a cloaked program that acts like an antivirus or a cleaning tool. It often claims to have found issues on your computer and demands money to resolve them. It takes advantage of people through social engineering, making them fear they have a problem when they really don’t. In some cases, users are told they need to download some fake antivirus software as the antidote.
  4. Doxware (leakware) threatens to publish your stolen information online if you don’t pay the ransom. As more people store sensitive files and personal photos on their computers, it’s understandable that many individuals panic and pay the ransom when their files have been hijacked. Doxware has seen increased popularity since businesses have found other ways to protect themselves from ransomware. Doxware ups the stakes: a business can’t just keep backups of its files; it now needs to worry about its compromising information being published.
  5. RaaS (Ransomware as a Service) is a type of malware hosted anonymously by a hacker. These criminals handle everything from distributing the ransomware and collecting payments to managing decryptors — software that restores data access — in exchange for their cut of the ransom. I’m writing about this because you need to know how much hackers are now organizing and scaling their ransomware operations.
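
Item 1 above notes that WannaCry added “WCRY” to the end of each encrypted file’s name, and a defender can use that kind of marker to find out quickly which folders were hit. The following Python check is an added example, not part of the original article; the thresholds, function names and sample files are constructed assumptions.

```python
import os
import tempfile
from collections import defaultdict

SUFFIX = "WCRY"  # marker the article says WannaCry appended to file names


def scan_tree(root, suffix=SUFFIX):
    """Return {directory: [marked_count, total_count]} for each directory holding files."""
    stats = defaultdict(lambda: [0, 0])
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            stats[dirpath][1] += 1
            # Case-insensitive match on the END of the name only.
            if name.upper().endswith(suffix.upper()):
                stats[dirpath][0] += 1
    return dict(stats)


def flag_directories(stats, min_marked=3, min_ratio=0.5):
    """Flag directories where marked files are numerous AND a large share of the total.
    Both thresholds are illustrative assumptions, not values from the article."""
    flagged = []
    for directory, (marked, total) in stats.items():
        if marked >= min_marked and marked / total >= min_ratio:
            flagged.append((directory, marked, total))
    return sorted(flagged)


def build_sample_tree(root):
    """Constructed sample data: one folder mostly renamed, one healthy folder."""
    layout = {
        "finance": ["q1.xlsx.WCRY", "q2.xlsx.WCRY", "invoice.pdf.wcry", "notes.txt"],
        "marketing": ["logo.png", "plan.docx", "WCRY-writeup.txt"],
    }
    for folder, names in layout.items():
        os.makedirs(os.path.join(root, folder))
        for name in names:
            with open(os.path.join(root, folder, name), "w") as fh:
                fh.write("sample")


def demo():
    """Build the sample tree in a temp dir and return the flagged folders."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        flagged = flag_directories(scan_tree(root))
        return [(os.path.basename(d), m, t) for d, m, t in flagged]


if __name__ == "__main__":
    for folder, marked, total in demo():
        print(f"{folder}: {marked}/{total} files end in {SUFFIX}")
```

Run against a file share, the flagged list tells you which folders to restore from backup first; a file that merely mentions the marker elsewhere in its name is not counted.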

As a Business Owner, You Want To Make Life More Difficult For Hackers

Think about owning a bike without any locks. That is a bicycle that is easy to steal. But put two locks on the tires and frame, and suddenly it becomes a whole lot harder to take. So much harder that a thief may decide not to even try. The purpose of protecting yourself is so that you are not low-hanging fruit for hackers. SMBs can make it hard enough that hackers may find it pointless or not worthwhile to attempt tampering with their data.

Here are some simple ways to not be the low-hanging fruit:

  1. DO use security software
  2. DO keep your security software up to date
  3. DO update your operating system and other software
  4. DON’T automatically open email attachments
  5. DO back up important data to an external hard drive or use cloud services
  6. DON’T pay the ransom

Now that you know the do’s and don’ts for protecting your data from ransomware, let’s dig deeper. First off, by using effective security software, you put yourself in a defensive position against hackers. Software such as Avast Anti-Ransomware Tools and Malwarebytes (just to name a couple) allows your computer to detect, block, and remove threats. Not only are you protecting yourself, but you are also protecting your clients’ information. This leads us to number 2, keeping the software up to date. I can’t stress this one enough. Malware and viruses change, and so should the programs defending against the attacks.

Next, you want to make sure that everything on your computer is up to date. The reason behind this is to patch up any vulnerabilities and strengthen your computer’s ecosystem at the same time. Now that your computer is a tightly defended fort ready to wage war against hackers, you must do your part by not clicking on any “phishy” emails. The end goal of email phishing is to get you to give out your personal information. If it smells “phishy,” it probably is someone phishing for your data!

A significant step toward securing your business is to constantly back up any data that is of any importance. Hackers try to take your own information and manipulate you into buying it back, but if you already have it stored on a backup device, why would you pay for it? Checkmate, you wouldn’t!

Lastly, I have one piece of advice that may be a shocker. When ransomware strikes, emotions are high, and while most would desperately settle for paying, DON’T. I repeat, DON’T pay the ransom. Nothing guarantees that the hacker won’t try to squeeze you dry for money, or that they will even return the data they stole. This again stresses the importance of backing up your data.

This Is The Data Age

Data is everywhere: emails, payment info, personal info, social security, you name it. The internet is the highly favored method of digital transportation for data in the form of 1’s and 0’s. My business, Chop Dawg, prides itself on developing high-quality applications and digital products that are built on security. It’s essential for companies to keep their data secure, especially when handling hundreds of clients’ personal information. Now that you know, make sure to protect yourself and spread the word.