My Encounter With Cyber Terrorists in a Ransomware Attack
The scene would be so familiar to so many people, played out on millions of cinema screens and TVs all over the world for decades – the bad guy holding a defenceless victim hostage and demanding a ransom be paid or the loved one will cop it in the neck.
While not quite as dramatic, the ransom scenario is now being played out for real in businesses around the world in scenes not as glamorous as a Hollywood blockbuster, but with an impact that is all too real, except it’s not people but data being held to ransom. Welcome to the new world of cyber terrorism and ransomware – unfortunately coming soon to a business near you.
So, what is ‘ransomware’ anyway?
Ransomware, which dates all the way back to the Trojan virus in 1989, is a generic term for malicious software that prevents a user from accessing the files on their computer until a ransom is paid. There is an ever-growing variety of these nasty programs circulating in cyberspace – one of the more well-known ones is the crypto-locker virus, which encrypts all manner of files on a computer’s hard drive, locking them out from all user access. One example in early 2017 was the hacking of the computer systems of an Austrian hotel, where its electronic room key system was hijacked and staff were unable to program the key cards until a ransom was paid – interestingly, this was the fourth time this particular hotel was targeted, and they now plan to switch back to physical keys for guests to unlock their doors.
If one of these malicious programs makes its way onto the computer network of a business, it can spread from machine to machine, quickly infecting the entire network. This type of attack can cripple a business in a matter of hours, if quick action is not taken to isolate the problem and control the spread.
The cost to people and businesses from ransomware attacks is rising dramatically, with estimates from the FBI putting the cost of damages in the region of $1B in 2016.
It’s all about the data
We’re now in the Information Economy, where data is King. Losing access to your files and your data can have a crippling effect on your business. In days of the not too distant past, we might have been able to get by without access to our computers for a while, but picture this for a sobering view of our data dependency in today’s business world – you arrive at the office tomorrow morning and turn on your computer to find that you cannot access one single file on your entire computer! No documents, no spreadsheets, no pictures, no videos, no programs, nothing at all – how productive would you be then? Multiply this by all your staff and you quickly see why so many people just pay the ransom out of desperation.
My experience with cyber terrorists
In a previous job I personally saw the carnage caused by a crypto-locker virus attack on a firm of 45 people, seeing first-hand the destructive effects. The downtime cost was in excess of $40 000 and the cost for the IT firm to resolve the crisis was in excess of $5 000. And this was even with a virus protection system in place! Unfortunately, the virus came in through an attack on an old unmonitored computer still connected to the internet.
How do they attack?
Ransomware attacks commonly come in via email traffic, where unsuspecting users see realistic-looking emails from well-known companies (emails from big organisations such as Australia Post, AGL and even the Australian Federal Police have been used by attackers in recent times) and click on apparently innocent links such as checking account details, tracking the progress of a package, or viewing a statement online. This simple act of clicking on the link activates a chain reaction of events with disastrous consequences.
Just like your parents might have advised you in times gone past, make sure you ‘use protection’ to prevent infection (from ransomware attacks). It’s generally accepted that a multi-pronged strategy is required, including the following main elements:
- User education and awareness of the threat, to prevent opening suspicious emails and files.
- Strong passwords that are complex and changed regularly.
- Robust and up-to-date anti-virus software.
- Firewall systems.
- Having an up-to-date, effective backup system in place to allow recovery back to a time just before the attack.
- A good IT company to set you up with the right systems and help you get back on deck in the event of an attack.
“The opinions expressed by Smallville Contributors are their own, not those of www.smallville.com.au”