Trojan horses, redirects, keylogging, and other forms of malware have been around for a long time, and the battle between security software programmers and hackers continues daily. If your company has a website, updating your security is essential, because some black hat somewhere in the world may be trying to find vulnerabilities in websites that hold valuable data.

Hackers want your customers’ names and account numbers, credit card numbers, passwords – all the information required to assume their identities on the Internet and in the real world.

Data has value, and the bad guys have found a way to squeeze value out of your proprietary data using malware called ransomware.

Ransomware: You’re Locked Out!

Ransomware prevents businesses from accessing their own data. It encrypts the information on your company servers and workstations, targeting file extensions: doc, docx, jpg, xls. All your critical company data is now encrypted – and you’re locked out until you pay a hefty ransom.

The ransomware may be downloaded with an innocent click on an email from an unknown sender. It is often disguised as a pdf file. The .exe extension can be hidden, so even if you know enough to avoid opening mail from unknown senders, the ransomware is released when you click on what you think is a secure pdf file from a trusted source.

Think It Can’t Happen to You?

In 2019, the FBI’s Internet Crime Complaint Center (IC3) received 2,047 complaints identified as ransomware, with adjusted losses of over $8.9 million.1 This number doesn’t include lost business, time, wages, files, equipment, or any third party remediation services paid for by a victim.

Since early 2018, the incidence of broad, indiscriminate ransomware campaigns has sharply declined, but the losses from ransomware attacks have increased significantly, according to IC3 data.2 Although state and local governments have been particularly visible targets for ransomware attacks, ransomware actors have also targeted health care organizations, industrial companies, and the transportation sector.

Here in Nevada, the Clark County School District was the victim of a ransomware attack during the first week of school. On August 27, 2020, CCSD systems became infected with a virus that blocked access to certain files and may have compromised certain data about current and former employees.

How Does the Data Hijacker Get Paid Without Getting Caught?

Ransom payments can be made using a variety of Internet currency, including Bitcoin and prepaid credit cards. Other hijackers actually provide a “premium telephone number” you dial to make payment and have your data unencrypted and returned for use without damage.

To add to the stress, there’s also usually a time limit to pay off the data-hijackers. If the ransom isn’t received by the deadline, the data will be deleted or sold in hacker marketplaces, and your company now has even bigger problems. Client and company data is now in the hands of hackers, and even your Chief Technology Officer can’t decrypt it.

Ransomware can be attached to anything. Your business probably receives emails every day from unknown sources – prospects, customers, clients, sub-contractors – often you don’t know who sent that email. You open it and release ransomware across your company’s system.

Ransomware is difficult to track, and it’s usually sent out as part of a phishing scheme with legitimate company addresses as sources. Anti-ransomware software is available, but the best defense is preventing unknowing employees from opening executable files.

Even popular security software brands have a hard time identifying ransomware. It’s essential to employ front-to-back, blanket email filtering to prevent executable attachments – ransomware and other malware – from ever being seen by employees. These executable files should go straight to your cyber-security company for removal.

Create software restriction policies (SRPs) to prevent enabling the execution of ransomware files. Employees should be trained to identify potential ransomware and to scan all emails and attachments from unknown parties. Your IT can create group policies for the office network that prevent any employee from opening a potentially infected executable file.

It can happen to your company, and in a worst-case scenario, you lose virtually all critical business data.

To learn more about how you can help safeguard your company’s critical data, click here for information about cybersecurity from Nevada State Bank.

1. https://pdf.ic3.gov/2019_IC3Report.pdf

2. https://www.ic3.gov/media/2019/191002.aspx

The information provided is presented for general informational purposes only and does not constitute tax, legal or business advice. Any views expressed in this article may not necessarily be those of Nevada State Bank. Nevada State Bank is a division of Zions Bancorporation, N.A. Member FDIC