With cases dating as far back as the late 1980s, ransomware is older than you might think. Despite this, most individuals and businesses live on the edge when it comes to protecting themselves from having their data held for ransom. As of 27th June 2017, USD 130 000 in Bitcoin payments were recorded for the WannaCry attack, which warrants the question: would you pay to get your data back? Sadly, even if payments are made, there is no guarantee that hackers will honour their “promise” to provide a decryption key. What you can rely on is doing as much as possible to restrict exposure and avoid infection altogether. Our advice to you would be to ABUSE the system.
ABUSE is an acronym for Activate, Backup, Update, Secure and Educate. Let’s break it down.
We’ve all at least thought about getting a cracked copy of that vital albeit overly expensive piece of software. In South Africa, for example, a licensed version of Windows 10 Home edition retails for around R1500. While prices may make cracked software appealing, the issue is that the mechanism used to crack it often opens a backdoor into your system for hackers to take advantage of. Alternatively, the crack itself is a virus. Consider that it can cost upwards of USD 300 (that’s about R4000) to get your data decrypted if it’s infected with WannaCry. It simply makes financial sense to ensure your software is genuine.
This is an obvious one. Backing up protects you from hardware failure, theft and, to a certain extent, virus infection. With the availability of cloud services such as Dropbox, many assume that using such a service is a secure way to back up your data. While this can help in protecting you from theft and hardware failure, these kinds of mechanisms tend to synchronize compromised data - spreading it across multiple devices instantly and even acting as a catalyst for the destruction of further data. The age-old 3-2-1 rule is really the only foolproof method of ensuring recovery after data loss. Make sure you have 3 copies on 2 different types of storage, with at least 1 of them being kept off site, and where possible, use backup software to handle your backups for you. Veeam Endpoint, for example, is a free backup utility that automatically performs backups which are secure and easily recoverable.
Many organizations choose not to update their software and operating systems because of possible downtime and the cost of doing so. The risk here is that ransomware attacks like WannaCry exploit weaknesses that are usually rectified by regular updates. In this case an update was released by Microsoft in March of this year - nearly 3 months before WannaCry made headlines. A great deal of money and stress could have been spared.
The most obvious yet misunderstood aspect of protecting your data is security. This is largely because it’s assumed that if you have an antivirus installed and up to date, you’ve done what’s necessary to keep yourself from being infected. While traditional antivirus software does offer some level of protection, there is a reason for free and paid versions of the same software. Paid versions bundle antivirus with anti-malware, along with a firewall and internet browser plugins, among other elements that add multiple levels of protection. There are also technologies like two-factor authentication, virtual private networks, data leak prevention, poison pills and many more that can ensure your data is watertight and your security measures are effective. Phenomena like BYOD add further exposure: if anyone can plug into your network, do you know what their device is exposing your network to? The same applies to public, open access or free WiFi networks: all internet traffic through that network is effectively insecure without protective measures.
Possibly the most important of all points in the ABUSE system is to stay informed and educate your staff about data security. Often employees are unaware of the risks associated with their online activities. Hackers exploit day-to-day productivity tools, sending phishing emails and hiding macros in office documents to plant their seeds. A single mistaken click can potentially bring an entire organization to its knees.