Contact Us Today!   314.394.3001   |   info@andersontech.com

Tag Archive for: ransomware

Posts

Tired of Waiting to Work?

/in , /by

The true cost of ransomware.

Ransomware is a major threat right now. According to Datto, experts in data backup and recovery, 80% of managed services providers (MSP) report ransomware attacks in 2018, and 35% report that some of their clients experienced multiple attacks per day. Clearly, ransomware is nothing to sneeze about.

Surprisingly, though, it’s not the ransomware attack, but the downtime afterward that accumulates the greatest cost to your company. Time, manpower, customer and vendor trust are all affected. This increases the importance of defending your company against this threat.

Here’s a quick recap of what happens in a ransomware attack. First, your network or computer is compromised. Next, an intruder plants an infection that encrypts your data files, until, theoretically, you pay the “ransom.” Until then, you are stuck. You can’t use your hardware, applications, or access any of your data. Any employees who connect to your network for their job can’t work. Even if the ransom is paid, the likelihood of getting your data back as it was is fairly small. During this attack, your network is fair game to the cyber criminals, and you’ll have no idea which files they will exploit. In all reality, you might be starting from scratch to get your company up and running again. And that takes time. If you aren’t protected and prepared, you could suffer weeks of lost revenue with a high cost to recover.

The best solution for defending your company against ransomware is a multi-layer approach. To keep your network safe, you must have the following:

  • A properly configured hardware firewall
  • An internet content filter
  • Email scanning prior to delivery
  • Antimalware/antivirus software on each workstation
  • Current operating system and third-party application updates
  • Consistent, reliable, and tested backups

Whether it’s a cyber attack, human error, or hardware failure, a multi-layer approach is a safeguard for when one layer is compromised.

Read more about ransomware!

Backups are one of the most important aspects. They are your insurance policy to eliminate a huge amount of downtime. If ransomware infects your network despite all of the safeguards in place, your current backups will ensure your data is retrievable. Consulting with your IT department or MSP to ensure your backups are properly configured will keep the ransomware from infecting the backups as well.

Unfortunately, many companies don’t have all of these measures in place, and when ransomware hits, things get chaotic. Downtime can turn a disaster into a catastrophe.

Studies show that downtime has twelve times the cost of the actual ransomware attack. To calculate downtime, you must take into consideration direct employee costs, productivity losses, halted company production, and even more importantly, how your clients are affected. Are they getting the products and services they paid for? How does that affect their trust in you?

To counteract these detrimental costs to your company, it is important to focus on prevention and prepare for the worst, so when something does happen, your downtime is minimal. Backup services provide disaster recovery as a service to ensure your peace of mind no matter what.

Downtime Contributors

Ransomware isn’t the only cause of downtime, though. There are other things potentially sapping your company’s productivity every day. Poor performance due to outdated hardware, slow internet speeds, and hardware failure. How much are these often-overlooked daily experiences costing your business?

Old Hardware – New Software

Continually spending money on hardware can be frustrating. Unfortunately, that is the reality in the tech world. One year, the latest technology comes out with a wow and a bang, and by the next year, that amazing equipment is already out of date. Within a few years, it’s obsolete and can no longer handle even the most basic software updates.

Older hardware simply wasn’t designed to handle the latest resource-intensive apps.

Because technology changes so quickly, Anderson Technologies recommends replacing computers every three to five years, depending on your specific requirements. Replacing 20% of your machines per year keeps all equipment on a five-year rotation and your budget reasonable.

How can this plan save your company from downtime?

By upgrading your hardware regularly, your systems stay efficient and fast. You won’t have to wait those 30 seconds for an app to load when it should load in a fraction of that time.

Thirty seconds of downtime doesn’t seem like much until you calculate the cost of those accumulated seconds lost every week.

Hardware Failure

Hardware failure, be it a laptop or server, will happen, and inevitably it will occur at the worst possible moment, like during your busiest time of year. Because of this, it’s best to be proactive. If you’re continually refreshing hardware, not just computers, at the rate of 20% per year, everything will be less likely to experience failure due to age.

Just like with ransomware, the best insurance policy against hardware failure is having up-to-date backups. Failed hardware can easily be replaced, but the information stored on it may be lost unless it’s backed up regularly. Your MSP can help you determine the frequency of backups and provide backup options to ensure that your company can get up and running as quickly as possible.

Slow Internet

This is probably the most common downtime-inducing culprit. There are several factors that may contribute to slow internet. The first step is to double check what speed you pay for with your internet provider and make sure it matches the speed you observe on your network. If the two speeds match, then you may need to invest in more speed.

If you’re paying for a higher grade of internet, but still experiencing slow speeds, there may be something misconfigured in your firewall or switch. If the firewall or switch are over five years old, they might need to be replaced. Older firewalls or switches are just like the old hardware we mentioned earlier – they can’t keep up with the traffic going through them and act like a bottle neck. For instance, your LAN switch may be running at 100 Mbps, but you’re paying the ISP for a 400 Mbps internet connection! Upgrading to a gigabit switch in this example is a simple, cost-effective solution. A properly configured and updated firewall and network switch will give each user the full speed the internet allows instead of bogging it down.

 

Would you like more information about saving your company from the threat of ransomware and downtime? Contact Anderson Technologies at 314.394.3001 or email us at info@andersontech.com.

Cyber Security St. Louis Ransomware Small Business

Cyber Security in St. Louis: Ransomware Nearly Destroyed This Small Business

/in , /by

Ransomware attacks have been making international headlines, and St. Louis cyber security threats are all too real. See how one local business survived a ransomware attack with the help of proper IT support.

In late June, malware struck companies in the U.S., Europe, and the Middle East. This massive attack, a variant of the Petya family of ransomware, infected thousands of systems. This was on the heels of the largest global ransomware attack in history, WannaCry, the consequences of which are still being tallied months later.

In a ransomware attack, cyber criminals infect a computer or network with malware that encrypts data, rendering it unusable. They claim they will decrypt the data in exchange for a ransom, which is usually requested in the form of bitcoin. However, there is no guarantee that the data will be returned.

In light of these recent crimes and a spike in cyber attacks worldwide, ransomware protection is a hot topic. The International Police Organization (INTERPOL) recently held its annual security conference, INTERPOL World, which brings together law enforcement, security professionals, and technology providers. On the agenda was the mounting volume of cyber threats and the heightened importance of cyber security. St. Louis businesses need to tune in, too. Ransomware defenses, and other cyber security concerns, are as much local issues as they are international ones.

Just One Example of Ransomware in St. Louis

Earlier this year, a small business in the greater St. Louis area* experienced the severity of cyber security threats firsthand when ransomware infected its communications server. Luckily, when it was detected, the ransomware was confined to that device. The business’s IT support vendor detached the machine from the network, scanned it to remove the threat and returned it to the infrastructure after believing all instances of the threat had been identified and eradicated.

It had not! This time the ransomware spread throughout the network and locked up business-critical data on the primary fileserver. Because the company did not have a backup system in place, the IT vendor said it was unable to retrieve any data and suggested the only option was to pay the ransom.

The business owner was in a total panic at that point because every piece of client data for the entire business had been rendered unusable. The ransom was expensive. He knew that even if he paid it, he still risked receiving partial data, damaged data, or nothing at all. From an ethical standpoint, it felt like the wrong thing to do. Law enforcement recommends people not to pay the ransom as it encourages subsequent attacks.

The Road to Ransomware Recovery

The business owner wanted a second opinion. With a quick Google search, he found Anderson Technologies, a local St. Louis cyber security firm. He called and shared his story. Mark Anderson and his team agreed to do their best to help. Luke Bragg, senior system administrator at Anderson Technologies, went onsite, assessed the situation, and conducted a deep inspection. He discovered the ransomware had infected most of the drive but upon further investigation identified previously hidden copies of company data that were untouched. After successfully removing the ransomware Luke recovered every single file.

The ransomware recovery process took two days, but in the end the Anderson Technologies team retrieved all the company’s data, onboarded it to its managed IT services program, put new cyber security preventative measures in place, and implemented a reliable approach to backing up all the company’s files.

This is an extraordinary story and certainly not the norm. Unfortunately, plenty of businesses are attacked by ransomware from which they cannot recover. However, this example illustrates two important points:

  • Businesses must take ransomware protection seriously with cyber security. In St. Louis cyber criminals attack companies big and small.
  • The skill and experience of your IT partner affects the outcome of your ransomware recovery process.

This story could have had a different ending if the company chose a less experienced IT firm. Should your company be in a bind, choose a partner with a proven track record.

Anderson Technologies is a St. Louis cyber security company that specializes in ransomware protection and recovery. For more information on our services, email info@andersontech.com or call 314.394.3001 today.

*To protect this business’s privacy, we have omitted its name and any identifying details.

Ransomware St. Louis

Why Is Ransomware on the Rise in St. Louis?

/in , /by

Ransomware is on the rise everywhere, not just in St. Louis. Ransomware can cost a small business tens of thousands of dollars—or even more! Let’s take a look at the proliferation of ransomware, and how your business can protect itself.

A small business’s data is one of its most valuable assets. When criminals launch a ransomware attack, they use malicious software to hold your data hostage. They claim they will give you access to your data in return for a “ransom” payment (although criminals aren’t exactly known for being true to their word).

One of the most common ways in which cyber criminals launch ransomware attacks is by sending phishing or spear-phishing emails. Employees download attachments or click links that look innocuous enough, but they end up inadvertently installing ransomware on their computers as a result. The ransomware then searches for user data to encrypt on the computer or on the network or cloud-based storage system. Once data is encrypted, you won’t be able to use it, and the bad guys send a message with instructions on how to render your files usable again—by paying a “ransom,” often in the form of bitcoins. Often sending money to the criminals provides no guarantee they will release your data.

According to the United States Department of Justice, more than 4,000 reported ransomware attacks occurred daily since January 2016. That is a 300 percent increase in just one year.1  At Anderson Technologies, we frequently hear about St. Louis ransomware attacks—both from local small businesses and reports in the media. Earlier this year, ransomware impacted all 17 branches of the public library in St. Louis. Ransomware rendered their computers unusable. Library management refused to pay the $35,000 ransom and worked with its IT staff to remove the virus and restore service.

Ransomware Makes the Bad Guys Big Money

The reason ransomware is on the rise comes down to economics. In 2015, the FBI reported  approximately 327,000 robberies in the U.S., which accounted for an estimated $390 million in losses.

That same year, there were approximately 127,000 cyber attacks reported in the U.S., accounting for over $1 billion in losses. It’s no wonder criminals are turning to cyber crime. That’s a whole lot fewer attacks for a whole lot more money. Plus, currency like bitcoin makes it easier for criminals to carry out crimes since they can anonymously collect the ransom.

If you factor in downtime and the cost of recovering files, cyber crime actually costs companies approximately $75 billion each year.

Is Your Business Protected from Ransomware?

Ransomware is also on the rise because the bad guys are getting better at designing believable phishing and spear-phishing emails. Gone are the days of scams that are easily identifiable, ridden with typos and strange verbiage. Today, cyber criminals have gotten better at mimicking the language and graphical design of reputable companies, which improves their chances of someone clicking a harmful link or attachment.

For small businesses in St. Louis, cyber security protection is an intricate process. You need a multi-tiered approach that includes a firewall, intrusion protection system, internet content filtering, anti-virus and anti-malware software that runs in real-time and is updated regularly, and a thorough and tested approach to backing up your system files. You also need to educate your employees. Even if you are working together with a managed IT services provider to do “everything right,” it takes just one click from an unsuspecting employee to introduce an issue your prevention efforts will have to deal with.

Although your managed IT services partner can reduce the likelihood of an email containing ransomware hitting your employees’ inbox in the first place, malicious messages can still get through. Email providers like Google and Microsoft scan your messages and try to filter out ones that look suspicious, but criminals are working just as hard to update their tactics. The final layer of protection between a St. Louis business (or any business for that matter) and ransomware is employee education.

Just last month, a St. Louis small business called Anderson Technologies in distress. It had just fallen victim to a ransomware attack. Its previous IT services provider wasn’t able to restore its files, but Anderson Technologies experts managed to eradicate the malware and recover the compromised data!

Ransomware stories don’t always have such a happy ending. Indisputably, your best bet is to reduce your chances of coming into contact with ransomware in the first place. Anderson Technologies has a team of St. Louis cyber security and ransomware experts who can help protect your business. For more information on our St. Louis cyber security services, email info@andersontech.com or call 314.394.3001.

1 “How to Protect Your Networks from Ransomware” U.S. Justice Department. Retrieved on April 20, 2017 from https://www.justice.gov/criminal-ccips/file/872771/download

Inc-Magazine-Logo

Quotables: Surviving a Ransomware Attack (Inc. Magazine)

/in /by

We’re proud of Mark Anderson’s recent expert IT consulting advice for an Inc. Magazine article about ransomware!  Mark provides Inc. readers with tips on how businesses can protect themselves from increasingly tricky attempts by criminals to infiltrate business-critical files.

Read the full article on Inc.’s website:

http://www.inc.com/carbonite/surviving-a-ransomware-attack.html

Are you in need of expert IT consulting?  Anderson Technologies is a St. Louis IT consulting firm that specializes in system administration for small businesses.  Let us help you today!  Give us a call at 314.394.3001 or email us at info@andersontech.com.

What are Quotables?  This is a category in our posts to highlight any professional publications that benefit from our expert IT consulting advice and quote us in articles for their readers. 

computer shock

Avoid Being Held Hostage! Ransomware: What Is It and How Can I Protect Myself?

/in , /by

As technology constantly evolves, we find ourselves facing ever more disruptive threats. That’s why it is absolutely critical we remain diligent in protecting ourselves from new dangers and stay proactive in our security posture.

An increasingly prevalent computer threat is ransomware.

Ransomware is designed not to corrupt or even steal your data but to hold it hostage and require payment of a “ransom” to get it back. Two widespread examples are CryptoLocker and CryptoWall. Based on FBI estimates between April through June 2015, the latter generated over $18 million for its perpetrators.

Commonly, ransomware comes as a harmless-looking email attachment from what appears to be a trusted source. When the unsuspecting user clicks the attachment, it installs a small program that immediately searches for your data on local drives, network shares, and even cloud-based storage. Once found, the data is encrypted, rendering it inaccessible. Attempts to access your files result in a prompt to pay a ransom to “unlock” the data and reverse the encryption.

This devastating program was depicted in an episode of CBS’s drama, The Good Wife. An employee unknowingly installs ransomware within the firm’s network, locking all the information at a law firm until a ransom of $50,000 is paid within 72 hours. In reality, typical ransom fees are lower but no less devastating for a company that can no longer access any of its critical data.

Imagine how disruptive this is for businesses in this predicament. In many cases, companies with no disaster recovery plan find themselves paying the ransom. As reported by this Wall Street Journal article, according to Tom Kellermann, chief cyber security officer for Trend Micro, Inc., “Around 30% of ransomware victims pay to regain their data.”

All of this underlines the importance of having high quality, up-to-date computer security implemented within your IT infrastructure.

What can you do to protect yourself? Here are seven tips:

  1. Educate everyone using devices attached to your business’s network of the issue (you can forward this article to them right now!).
  2. Use caution when interacting with email. Delete anything suspicious. When opening attachments, check the sender’s email address first. If it looks dubious, verify its legitimacy prior to opening. If it doesn’t feel right, it probably isn’t!
  3. Exercise extreme caution prior to clicking website popups even if they appear legitimate. If you’re unsure, ask for a second opinion. Better to be safe than sorry.
  4. Only download and install browser plugins and extensions from industry standard, verified sources.
  5. Install computer and network security software that includes regularly updated anti-malware, antivirus, email scanning, and web/content filtering capabilities. The combination of multiple security products designed to handle particular threats provides the best protection.
  6. Keep all computers’ operating systems and applications current with the most recent patches and security updates.
  7. Implement (and regularly audit) a backup strategy that offers a short recovery time and flexible file restore options. This is often the most neglected area by businesses though it’s one of the most important – especially in the case of a ransomware attack. A good backup strategy gives you the ability to quickly restore data to a known good state prior to the infection, avoiding the need to pay a ransom.

If you have a security question, please call us at 314.394.3001 to discuss this topic in-depth. Whether it’s for your network, computers, or mobile devices, we at Anderson Technologies are here to help you find not just any solution for your security needs but the best solution for your business.

Like this article?  If so, check out another article here: Data Security: Just How Secure Will Your Business Be in 2016?