Updated: Nov. 20, 2018
NJ Businesses are Falling Victim to Ransomware
It is estimated that one in three businesses in NJ have been hit by Cryptolocker or other variants of ransomware in the last 18 months. These vary from small to mid-size and even larger organizations in the state. Considering that the vast majority of breaches in NJ are still not reported, this number is staggering. Many businesses have not kept pace with the bad guys in securing their networks, and unfortunately have become victims as a result.
Just last week, we assisted a local NJ business that came to us after struggling for a week on their own to recover from a ransomware attack. Safeguards were in place, but their security posture lax. The antivirus was renewed religiously every year and it was assumed an old firewall was still protecting them. It was also assumed the computer guy was doing his part to keep the business secure.
They were wrong, and ignorance was not bliss. The old, out-of-date firewall provided little protection against current threats. The antivirus was ineffective in stopping the invasive ransomware once the infected email link was clicked. The computer guy was fixing issues as they arose, but they never asked (and he never offered) any sort of upgrades or management of their cybersecurity. The ransomware quickly spread from the lawyer’s PC to the network and soon encrypted the entire server network. An online backup had been established the prior year, but it hadn’t been running in 6 months. No one had bothered to check, and there were no other backups.
Decryption keys are available for some types of older ransomware which makes recovering data fairly easy. However, this strain of ransomware was new and breaking the encryption without the decryption keys is virtually impossible. The FBI recommends against paying a ransom. After all, there is no guarantee you will get your data once you pay. The business decided to pay the ransom as well as restore from the 6 month old backup. Trying to run your business with old data is no enviable task, let alone downloading the entire back up through an Internet connection.
It took over 2 days to download the data, and it turned out to have very little value to the company.
Luckily, their email system was not encrypted, so they recovered some recent files from email attachments. The remaining files were either recreated or a copy requested from other parties. What a hassle and embarrassment.
Paying a ransom is also no easy task. Bitcoins must be purchased through a public exchange and then transferred to the bad guys over the “dark web” with the hope you receive your decryption keys. The senior partner at this business wasn’t comfortable providing his ID and credit card to open up a Bitcoin account, so a manual verification process was required. Over a week later, they were still waiting to get their account funded. An entire week without your data can put you out of business.
For many of the reported cases of ransomware infections in NJ, we know the businesses were able to restore from backup and therefore, are unconcerned with protecting against future attacks. The thought of confidential client data in the hands of criminals or extended employee downtime or even the fear that the backup may not have been healthy is not enough for many businesses to make a change.
However, just having a good backup is not the end of the story. According to the NJ Identity Theft Protection Act, all data breaches including ransomware may require a breach notice. Breach notices not only increase the monetary cost of a security incident; they can be devastating to a business’s reputation.
The moral of the story: BE PREPARED.
By the time the business came to us, there was very little we could do.
Don’t wait until it is too late.
Do not bet the livelihood of your business on a backup. Safeguards are available that can ensure almost zero likelihood of infection at little to no cost. You owe it to your staff, clients and professional reputation to use due diligence in securing your business. Find a Cybersecurity expert who can evaluate your current situation, and make sure you are secure.
Our premier SECaaS solutions are built on an incredibly sophisticated software called SonicWall (this is where that SaaS comes into play). Not only is SonicWall the only firewall provider that offers SECaaS , but Integris is the only certified distributor of the program in the region, making it the highest ranked distributor of SonicWall in Northeastern U.S. If our five-point SECaaS solution didn’t impress you, we know that will.
Our SECaaS program is only the first of our five cyber security services. Even more security, custom fitted to your company’s needs? How could you NOT want to learn more about our cyber security services? Don’t worry — we’ll tell you everything you want to know!
Was this article helpful?
For more information about how Integris can benefit you.