Ransomware and You

In the last couple of years, ransomware has appeared as the next big threat not just on the horizon, but affecting people today.  Never before have we directly known more companies impacted by a single type of threat as often, or has heavily, as with ransomware.

The basics of ransomware are that a malicious outside organization manages to gain control of all or a large portion of your data and hold it in such a way that you must either pay a ransom or else the data is permanently destroyed.  Typically you are forced to decide quickly whether or not you will pay, making the entire situation more tense and giving you very little time to plan or react – no time to test your backups, or see if there is a way to recreate the data.

Many companies choose to pay heavy ransoms, often thousands or tens of thousands of dollars, without any guarantee that their data will be restored once they pay! This makes the situation so much more dire; a complete lack of assurance that anything will restore your data.  Law enforcement is all but powerless to help.

These days, it seems nearly certain that almost every business will experience a ransomware threat at some point, and many have been hit more than once, already.

Strategies exist for protecting your business from ransomware, but it can be difficult.  Traditional strategies of user training, email filtering, anti-virus, good desktop security controls, and so forth do help, but are not enough.  Additional protection from technologies like version control, long retention backups, and even rethinking the fundamental design of your network all play major parts in reducing or eliminating the ability for ransomware to impact the network.

Ransomware has caught not just companies unprepared, but many MSPs and IT firms lack the necessarily security and infrastructure experience to tackle the kinds of changes needed to effectively deal with a future that involves threats of this nature.  Protecting against ransomware isn’t a quick fix, or a checkbox, it requires significant planning, and possibly some major changes to how your business works.

There are benefits, too, though.  Ransomware might be an unfortunate reason to have to modernize your network, but in doing so there are many other potential benefits to reap which may make the entire process beneficial.