By Michael Tanji, GCA Global Marketing Officer and Chief of Staff
No company is too small or unimportant to be attacked. Your perception that the size or nature of your business makes you an unattractive target is just that: your perception, not how bad guys think.
Yes, there was a time when the nature of your business was what made you a target for cyber criminals and other malicious actors. Banks, credit card companies, and so on were where the bad guys went because, to coin a phrase, that’s where the money was.
As computer technology became more ubiquitous in the home, individuals were targeted because the bad guys figured out how to fool people into giving up the details of their bank accounts, personal information, or otherwise extracting valuable data to exploit.
Those threats still exist today, but the mere fact that you have computing resources of any type means you’re a target. Why? Two primary reasons: cryptocurrency and ransomware.
If you’ve never heard the term cryptocurrency before you’ve probably heard of bitcoin. Bitcoin is a cryptocurrency. A detailed explanation of the math behind cryptocurrency is beyond the scope of this post, suffice it to say that creating cryptocurrency requires a computer. Generally speaking the more, or more powerful the computers the better. The problem is that as time goes on, it gets harder to “mine” cryptocurrency. In the case of bitcoin, the cost of electrical power required to make coins exceeds the value of the coins you make. The solution is cryptojacking: hacking other people’s computers, mobile devices, websites, and other internet-connected resources so that the bad guys earn the coins, and you get stuck with the power bill.
Ransomware is a mash-up of “ransom” and “malware”. It is successful to the tune of several billion dollars a year, and it has been around in one form or another for almost 30 years but really came into its own fairly recently. A ransomware attack is very simple: someone infects your computers, encrypts the data on them, and demands that you pay them in order to get an alphanumeric key that will unlock your data.
For a lot of people their first reaction to a ransomware demand is that they don’t negotiate with terrorists…or kidnappers…or datanappers…whatever. It is a perfectly normal response that a lot of people advocate; these are usually people who aren’t facing bankruptcy because their company is being held hostage. If you don’t have current backups you have two choices: clean your systems of infection and attempt to re-create all the data you’ve lost (and all that that implies when it comes to time and money), or paying the ransom. You could engage a cybersecurity company to help you, but the cost of such services is almost certainly going to exceed the price of the ransom, and there is no guarantee that they will be successful in recovering your data.
Another important concern ransomware victims have is the trustworthiness of their adversary. What if the ransom is paid and they don’t provide the key to unlock the files? That’s certainly a risk, and it happens to some people, but in my experience (and everyone I’ve ever talked to who works these issues) the people behind ransomware attacks give up the key once they’re paid, and victims get their files back. In fact, the biggest, most “reputable” ransomware practitioners set up help forums you can use to work out any problems you might have in paying the ransom or decrypting your files. Why? For the same reason they deliver when paid: it’s good business. Think about it: in order for ransomware to work at scale, people have to know that they’ll get what they pay for. If word gets around that you’ll get stiffed if you pay, no one will pay. Why shortchange a few hundred people and make $50,000 when you can be a nice guy to a few thousand people and make $5,000,000?
The bigger risk when it comes to ransomware infections is becoming a victim more than once. If you made the business decision to pay the ransom and then don’t take substantial, concrete steps to harden your enterprise and make it more resilient to such attacks, there is a good chance that you’ll be targeted for infection again. The guidance we provide in our Work From Home Campaign, and the resources in our Small Business Cybersecurity Toolkit can help you take those steps, and implementing them won’t cost you a dime.