If you’ve been keeping up in the news lately, you may have noticed an alarming trend in cyberattacks. Malicious groups that used to target large corporations like Target, Experian, Blue Cross Blue Shield, Honda and others are now turning their focus to small businesses. In early July, hackers targeted hundreds of businesses around the world who had one thing in common: They were all connected to a remote management software tool called VSA. Requesting over $70 million in bitcoin in exchange for a decryption tool, hackers brought networks of over 1,000 businesses — restaurants, dentist offices, small accounting firms — to their knees.
And in case you’re not convinced it could happen to you, in late June, McDermott Top Shop, a fabricator in Wisconsin, was the target of such an attack. It crept in through their IT support network and crippled most of their operating systems. It was able to lock up their servers and get to all of their onsite backups. They couldn’t fabricate for a week. Eventually they were able to restore their systems using offsite backups, but it didn’t happen overnight and not without a lot of stress, lawyers and cyber insurance coverage.
We caught up with Bill Moore, an expert in information technology, for a look at what’s happening and how you can protect your business from ransomware and cyberattacks.
C&AS: What is ransomware and how does it affect systems?
Bill: Ransomware is a specific type of malware that encrypts the victim’s data or prevents access to IT infrastructure. Victims receive a decryption key after paying a ransom, which restores access to impacted data. Unfortunately, once a victim is infected with ransomware, it’s often impossible to restore access without a decryption key unless there is an error in the malware code. There were more than 65,000 successful ransomware attacks last year, and there is a new attack every eight minutes, making ransomware a real problem for companies of every size in every sector.