Ransomware, CryptoLocker, and the Importance of Backups


January 17, 2017

Data security can at times feel like needless insurance for some unlikely threat far away. While there are stories in the news of prominent companies being hacked and sensitive data being stolen, leaked, or sold for a profit, smaller business owners sometimes feel a certain protection in their own obscurity. We’re just a small operation. Who would steal our data? Why?

This thinking underlies a key misconception about data security. You don’t need to have valuable data to suffer an attack. Sometimes it’s not about theft. It’s about extortion. These types of attacks are known as ransomware or cryptolocker attacks. Instead of infiltrating and stealing information, a cryptolocker virus will simply lock down a computer, a network, or an entire business’s IT environment. Once locked, the owners of the environment are prompted to pay a fee in order to regain access to their environment. It works like a boot on a car. You can see your environment. You can still touch it, but you cannot do anything with it.

Worse yet, these attacks are far more common that we realize. In 2015 alone, a total of $24 million was paid in ransomware attacks through nearly 2,500 reported cases. As anecdotal evidence, one of our own clients was struck by ransomware attacks twice in the last year.

We know how these attacks work, but how do they strike and how can we stop to them?

An Innocent Email

One of the most malicious aspects of ransomware attacks is that they are often transmitted through email. An innocent-looking email with an innocent-looking link will be sent to an entire company or a key collection of employees. If even one person clicks on this link, it’s all over. The attack is launched and the entire system is locked down.

While personnel training and internet literacy will help your team recognize these emails and avoid the attack, it will not eliminate the risk. Truly, there is no sure-fire way to thwart every attack every time. Instead, if you are attacked, you are forced to respond.

After a Ransomware Attack

If your company is the victim of a ransomware attack, you really only have two options. One, pay the ransom and restore your system, or two, wipe your hard drive and start over. Paying up is not cheap, either. According to the Department of Justice, ransom fees can range from as low as $200 for personal devices and $10,000 for businesses. Still, starting an IT environment from scratch is always going to be more expensive than the former, so many companies choose to pay up and get on with their lives.

However, there is one way around this ultimatum. If a company has current, stable, and accessible backups of their environment, they can simply restore it to a point before the attack was launched and circumvent the whole thing. There will be no ransom paid, and the data loss will be minimal.

Like what you read? 


About Mindsight

Mindsight, a Chicago IT services provider, is an extension of your team. Our culture is built on transparency and trust, and our team is made up of extraordinary people – the kinds of people you would hire. We have one of the largest expert-level engineering teams delivering the full spectrum of IT services and solutions, from cloud to infrastructure, collaboration to contact center. Our highly-certified engineers and process-oriented excellence have certainly been key to our success. But what really sets us apart is our straightforward and honest approach to every conversation, whether it is for an emerging business or global enterprise. Our customers rely on our thought leadership, responsiveness, and dedication to solving their toughest technology challenges.

Contact us at GoMindsight.com.

For Further Reading

Understanding the Cyber Kill Chain

Related Articles

View All Blog Posts

Contact Us
close slider


Fill out the form below to get the answers you need from one of Mindsight's experts.

hbspt.forms.create({ portalId: "99242", formId: "dfd06c5c-0392-4cbf-b2cb-d7fb4e636b7f" });