October 26, 2017 16:22
Published: October 19, 2016 23:42
Extortion of business owners isn’t exactly something that’s new.
Nowadays, strong-arming tends to happen in a little more… digital sense. Ransomware, the viral software that locks up your computer unless you pay the crooks to “unlock” it, is on the rise all over the world, and even more so here in Canada.
But, you ask, I’ve never been hit with ransomware… I wouldn’t even know what to do!
Yes, imaginary business owner person. We know, and we’re looking to fix that. Below, you’ll find some of our tips for what to do if and when you become the victim of a ransomware attack:
This is the most common question. Here in Canada, we’ve seen the highest uptick in the number of attacks of any studied country, and that’s because we are the ones that are paying out to get our systems back. Over and over and over again. And the more money that goes out, the bolder the criminals become. We feel that a company should do everything in its power to avoid paying the ransom if it can. We understand that, depending on the nature of the files locked or stolen, this may not be the case with everyone, but paying the ransom only makes these criminals stronger. Considering those files lost and moving on with your business life is sometimes not the worst option. That may not sit well with all of you, but it’s the truth.
If any of your computers have been infected by ransomware, make no mistake, a crime has been committed. More than likely, the perpetrator isn’t even in Canada, and payment would be made in Bitcoin to further protect the identity of the crook, so outright catching them may not really be possible in all cases, but if we don’t call, then the organizations that might be able to put a stop to it will never know that anything happened, and that’s not going to help someone that might be a future target. Remember, the only thing necessary for evil to prevail is for good men to do nothing.
One of the reasons that you might have been infected is that your security software might not have seen this particular strain of ransomware before, and so it slipped past the “blacklist” and into your system. One way to help prevent this in the future, and for any other companies that use the same security software you do (as a Hosted PBX provider, we provide security software to many clients…) is to have your security software people get a sample of the ransomware itself. Once they do that, they can add that to the “blacklist” and that particular strain can’t get back in again. And the more companies that do this, the fewer options the bad guys will eventually have.
We’ll continue this again with the next post, so stay tuned!