What is ransomware and do I need to be concerned about it?

Image by Michael Giuffrida for Computer securityAs a parent, one of the most moving lines I have ever heard from a movie was Mel Gibson in the movie Ransom when he was talking to the kidnappers and he screamed “Give me back my son!”.  He was clearly scared, angry, emotional and felt completely helpless. While the stakes are not the same when it comes to your business, for many small business owners their businesses are their “babies” and if they are a victim of ransomware, they want to shout “Give me back my data!” because the emotions can be very similar.

Ransomware is a type of malicious computer virus which infiltrates your network and wraps all of the data it can find on your server in a locked “bubble” called encryption that only the data-nappers (hackers) have the key to.  The hackers then literally ask you for money (ransom) to gain access back to your data.  Ransomware often enters your network through an email or email attachment opened by one of your employees.  It doesn’t always act immediately so when it is triggered, you may not even know that it has happened.  Once it triggers, you can not access any of the data on your network and you are given a certain amount of time to pay the ransom in bitcoin which is a computer based currency that is not all that easy to obtain quickly for the average person.  A common ransomware virus is called Cryptolocker.

At this point you have choices. If you can obtain the bitcoin and pay the ransom, you will likely be given the password to unlock your data.  Depending upon how well you have been backing up your data, this may be your only option.  Surprisingly, once the ransom is paid, most often the criminals who locked up your data do provide the password to unlock it.  More surprisingly, if you have trouble, they even give you a help line you can call for assistance (yes, you would think that is they can have a help desk, we should be able to stop them, right?  Apparently not.).  Unfortunately, even if you get your data unlocked, there is no guarantee that their malicious code is not still lurking on your system somewhere leaving you vulnerable to getting hacked again.

A better option is to be proactive about the way you backup your data.  Because “time is money”, the best options involve using a backup system which allows you to quickly restore your servers back to a a previous point within minutes of the ransom notice.  Enabling your business to do this requires that your servers are setup properly using a  virtualization software such as VMWare.  Additionally, using a service that allows cloud based backups of your data such as Datto will give you the option to continue operating your business while your IT team scrubs your servers of any remaining malicious code.  While this seems like a  daunting technical task, most IT managed service providers can help you get setup properly to protect your business if you don’t have the in-house expertise.

Michael Giuffrida from Southington CT has been operating businesses since 1997.  He is an experienced entrepreneur in business management, profitable growth, business valuation, mergers and acquisitions, and information technology managed services

7 thoughts on “What is ransomware and do I need to be concerned about it?

  • As an account manager for a small company (less than 10 people) who isn’t on a network, I wonder if this could happen to us. All my data is backed up to an external drive so maybe we are safe. Not sure? I guess a little more research is required.

  • Great info, very well explained for non-technical users! Important to remember that individual computers can be targeted too, so make sure the critical personal computers are backed up in addition to the servers.

  • There was just the first Mac OS ransomware found in the wild, also android ransomware. As well as embedded OS ransomware, think about that ransomware that could cripple the power grid!

  • I have always had the benefit of a dedicated IT staff that manages the organization’s data security but we all need to be aware of these vulnerabilites and more importantly know what not to do to allow them through. Very informative post. I would like to learn more about how to educate end users to be security savy.

  • I tend to think that I don’t need to worry about this, since I’m just an individual user, but it would be devastating to lose the work I have on my laptop. Thanks for the reminder that I still need to be prepared.

Leave a Reply

Your email address will not be published. Required fields are marked *