September 25, 2017 –

We’ve encountered some interesting perspectives when talking with small businesses about ransomware.  Unfortunately what we’ve found is most small and midsized businesses have beliefs about cyber security and ransomware that are anchored more in myths than in facts.  Here’s the two biggest myths we encountered, and why they’re dangerous for your business.

Myth #1: I won’t be a victim of ransomware

The first thing we found is that most small businesses think they won’t be a victim.  After all, who would want to steal their data?  Unfortunately the stats don’t prove that out….according to Symantec’s 2016 Internet Security Threat Report 43% of cyber attacks actually target small businesses.  That’s a startling statistic, but when you break it down it makes sense….small and midsized companies might not be as likely to invest in protecting their business, so they are often an easier target for hackers.

When it comes down to it, hackers likely aren’t interested in stealing your data to sell it.  However they recognize that getting access to your data is ESSENTIAL for you and how you run your business.  By holding it ransom, they know you’ll be willing to pay to get it back.  For more information on how we can help you manage threats to your business, visit our Threat Management page.

Myth #2: Back-ups will protect me

The second thing we found is business owners believe that they are protected from ransomware.  After all, they’re backing up their data.  This falls under the theory that if they have a backup, they can just copy their files back over and they are all set.  Unfortunately, just backing up your data won’t necessarily provide the protection you think.  And even if it does, the cost of recovery will still likely be more expensive than preventing the attack in the first place.

Let’s break this down a bit.  Why wouldn’t backing up your data be sufficient?

Reason #1:  Back-up Software Can Be Manipulated

Some sophisticated hackers can directly manipulate the actual backup software that is installed on your network to erase and/or corrupt the backup files.  If the files are sitting on your network, they can be found and compromised.

Reason #2: “Shadow copies” Aren’t in the Shadows

Servers running Microsoft Windows can create backups of their environment, called Volume Shadow Copy Service or (VSS).  This service allows you to create copies of your data on the server.  The VSS takes a snapshot of the system, even while it’s in use.  It’s a convenient way to quickly restore data. However, for those businesses relying upon these shadow copies as an emergency “backup” of their systems, it’s important to note that ransomware will routinely delete these copies.  They can’t be relied upon as a safe backup option.

Reason #3: “Sleeper” Ransomware

One of the latest trends for ransomware is the waiting game.  We call it “Sleeper Ransomware.”  Here’s how it works.  Hackers have realized that as businesses become more diligent about protecting their data they are more likely to have backups.  Once the ransomware breaches your network, instead of triggering the encryption process right away and locking up your data, it will sit and wait.  Sometimes for weeks or months.  It spreads throughout your network and becomes backed up through your normal backup process.  While you think you have a solid backup, what you actually have are backup files that are also infected.  Depending on how long you keep your backups, you may or may not have your files securely backed up after all.

Reason #4: Ransomware Trained to Find your Backup Files

Back-up products will store the backup files in a default network directory.  When you install the software you can pick a different location (i.e. harder to guess and more secure) but this step is often skipped.  The default location is documented online, and hackers will have this information.  They will program malware to work its way through the network, find these default back-up storage locations, and erase or encrypt your backup files.

For more information on how to protect your systems, please download our free whitepaper “Data Security: Top 10 Ways to Protect Your Business”.  And please feel free to contact us at any time.

–          The AccountabilIT Team