Ransomware 101

Ransomware is a worldwide phenomenon that is affecting users all around the globe. According to a recent study published by McAfee Labs, ransomware growth increased by 58 percent for the second quarter of 2015. For all businesses, small or large, the question is not “Will I be a victim of ransomware?” Instead, the question everyone should be asking is “Will I be prepared when ransomware attacks?” That said, falling victim to a ransomware attack is not the end of the world if you have a proper backup policy in place.

Ransomware first arrived on the scene in 2005. The first known ransomware strain was The Trojan.Gpcoder, which affected Windows operating systems.  Ransomware is comparable to humans in that it comes in all shapes, sizes, and colors. Ransomware attacks once used screen pop-ups that would notify users of the attack and the amount of money required to unlock a computer. Today’s ransomware attacks are more sophisticated than ever and use “unbreakable encryption.” That usually means if you do not have your data backed up you will not be seeing that data again (AKA you’re toast)—unless you pay the ransom. And paying the ransom does not guarantee that you will gain access to your data.

Ransomware can infiltrate and spread through your systems in a matter of minutes; all it takes is one wrong click. This type of malware typically enters a network through its weakest link, normally social media or an email with an infected link or attachment. Ransomware is an effective form of cybercrime because the attackers can instill both fear and panic in their victims. But there are other reasons as well: ransomware is easy to create and deploy. The good news is that we can all fight this sort of cybercrime with a thorough backup plan.

Have you ever asked yourself: “What would happen to my business if I lost all my data?” Having a backup plan in place is not just a sound operational practice but is often required by law or regulation. HIPAA requires healthcare organizations to have and test a viable data backup and disaster recovery plan. The same holds true in the financial services industry; both the OCIE and FFIEC, have made this a clear priority in their enforcement and audit practices.

If you currently do not have a backup plan in place, today is a great day to develop a plan. EMC is a great place to start when shopping for backup products. Mozy and Spanning by EMC both offer great protection for your data wherever it resides. Mozy is an endpoint solution that backs up files on your computers to our cloud. Spanning protects your born-in-the-cloud data for Salesforce, Office 365  (including One Drive), and Google Apps (including Google Drive).

Ransomware is a growing threat to businesses—SMBs and enterprises— and consumers alike. In 2014 alone there were 2,122 confirmed data breaches! There are steps a company can take in order to harden their security against this sort of cybercrime. First and foremost, businesses must have a legitimate backup plan in place. In addition, we strongly recommend testing the backups periodically to make sure they’re intact and up to par. Ransomware is a real threat to today’s businesses but can be successfully combated with today’s technology.

About the Author: David Tye

David is a California native, born and raised in the Bay Area with a passion for technology. Upon graduating from a local university, David was hired on to the EMC Marketing team full-time. Over the past few years, David’s focus has been on a variety of data protection products and services. Outside of work David enjoys spending time in the outdoors and watching sports.