February 17th, 2016 by admin
A new combination of a sophisticated password-stealing Trojan, powerful exploit kit, and content-encrypting ransomware is making its way around the Internet infecting Windows users. If it hits your business, you’re looking at a considerable loss of time and finances.
It’s estimated that businesses worldwide spent around $491 billion in 2014 managing the blowback from data breaches and malware infections. Making sure your business is ready to minimize the amount of damage a ransomware attack can do is the best course of action for dealing with cyber threats like these.
Ransomware has taken system-disabling malware to a whole new level by trying to extort money in exchange for returning control.
Ransomware that employs data encryption programs like Cryptolocker and CryptoWall uses a complex encoding algorithm that locks off important data on the computer—so removing the ransomware will not restore the data.
In many cases, paying the $24 to $600+ demanded to decrypt the information ends up being practical, because restoring the lost data would end up costing more. However, it is possible that even after you’ve paid the ransom the hackers will not restore access to your system. So pay at your own risk.
Kicking You When You’re Down
The new malware fusion doesn’t just lock a user out of their computer or try to steal login credentials; it does both, and tries to use some of that stolen information to hijack websites the user has admin access to (and propagate itself across more systems). According to PCWorld, the new disastrous malware mix uses the “Angler” exploit kit, the credential-stealing “Pony” Trojan, and the “CryptoWall 4” ransomware. If any of your business’s computers are hit with this malware campaign, you’ll have to deal with compromised account login information, possible FTP and SSH website access breaches, and all the data on the infected computer is as good as lost. So you’re not only looking at the expenses for changing passwords, locking down websites, and replacing lost information, but also the dozens of hours redoing lost work.
The Best Defense
Even though malware finds new ways to compromise systems, it is still a best security practice to keep your antivirus and system software up to date to protect your information. However, keeping everything updated can be problem for some companies, as vital software may not work correctly following an update. Additionally, businesses should avoid using computers running old, outdated operating systems like Windows XP that are no longer receiving security updates.
Making sure your important information is also saved in off-device storage (like an external hard drive or on a cloud service backup) is one of the best things your business can do to minimize the amount of damage caused by a system-disabling malware attack. If the system is infected, the backed up data will still be up to date—and instead of losing months of work, you’re looking at a few hours or days instead. Moving work to cloud-based applications with online storage is another good way to prevent loss from malware. If an employee’s computer gets hit with ransomware, any work they’ve been storing or working on through a cloud service is still safe and secure.
Need advice on backing up your data? Get in touch with a local MSP today.
Posted in: Cyber and Data Security