Ransomware can be costly for your business. The Horry County School System in Conway South Carolina came under attack recently; hackers successfully inserted a virus into the school’s network and locked officials out of the system entirely. The hackers did not aim to steal student data but to prevent the school from accessing records. After working for a week to restore access, the school board agreed to hand over a hefty sum to regain access to their data.
The thieves demanded $8,500 to allow the school to regain access to their own data; even once the school board approved the payment, they had difficulty paying the sum. The thieves demanded the ransom be paid in Bitcoins, further delaying the restoration of the systems.
Administrators and the school IT department blame the breach on old servers and outdated anti-virus and anti-malware programs. Once the ransom was paid, the school began the process of restoring their systems and upgrading their security – with a goal of preventing another disastrous breach in the future.
The Conway school system is not alone; Hollywood Presbyterian Medical Center Hospital faced a similar attack in early February. Hackers used malware to infiltrate the hospital’s internal servers and communications, rendering some departments, including pharmacy and radiology inoperable for nearly a week. The hospital paid a $17,000 Bitcoin ransom to regain access to their data.
What is Ransomware?
The attacks on Hollywood Presbyterian and the Conway school system used a form of ransomware – basically, the hacker intercepted the school’s data and then encrypted it, making it impossible to retrieve. The school was forced to decide between total data loss and handing over the ransom demanded by the hackers; it was easier to comply than risk losing their valuable information. By complying with the hacker’s demands, the school did more than just regain access to their own data; they also made it more likely that other, similar attempts would be made. A successful, publicized hacking with ransomware that resulted in a big payoff for the thieves simply makes this scenario more attractive to other would-be thieves, so protecting your systems is a must if you want to be truly secure.
How to avoid losing your data – and forking over cash to get it back
Use Anti-Virus Software: You won’t be able to spot every attempted breach or virus package, but the right anti-virus software can. Train employees to avoid downloading software, content, and images that could contain a virus – and be diligent about updating and maintaining your anti-virus programs to prevent a thief from holding your business or data for ransom.
Use Anti-Malware Software: Software that can identify malware and remove it from your system (or better yet, prevent it from being installed in the first place) can help you keep your data secure. Regularly updating your software can ensure that you are protected from the most recently identified threats and improve your overall security. Good security software, such as ESET, will offer both malware & antivirus protection for your business.
Purchase, Use, and Properly configure Firewalls: The best firewall in the world won’t help if you turn it off. Make sure that your firewall is functioning and that you do not turn it off – and your employees need to keep firewalls intact as well. You can allow exceptions for legitimate programs and still enable your firewall to protect your data and network from harmful ransomware and malware.
Get help: Network security needs to be a top priority for your business and it isn’t something that you should try to tackle on your own. Hiring an outside IT company, such as Xecunet, to evaluate your security and maintain your network with Managed IT services is a prudent move that can save you a lot of potential problems down the road.
Publicity about incidents like the ones featured above will only make the problem worse, as more thieves and hackers are inspired to defraud legitimate businesses and entities. Learning about the ways your data could be impacted by a breach can help you protect your business and network and ensure that your business and customers are secure.