According to a recent article by Forbes, the FBI has issued a “high-impact” cyber attack warning to U.S-businesses and organizations. The FBI claims that the incidence of indiscriminate ransomware campaigns, such as evidenced by WannaCry in 2017, has sharply declined. However, the frequency of attacks has been relatively consistent and the landscape has been continually evolving.
But what exactly is the FBI warning us about?
Ransomware is a form of malware that encrypts files on a victim’s computer or server and can only be accessed when paying cyber criminals a ransom. Put simply, ransomware is a type of cyber attack that locks your files and holds them hostage unless you pay up. Ransom prices vary and, thanks to the anonymity that cryptocurrencies have, bitcoins are usually the preferred type of payment that these attackers demand.
According to the FBI’s warning, healthcare organizations, industrial companies, and the transportation sector, along with regularly targeted industries like state and local governments, should be wary about:
-
Email Phishing campaigns
Email phishing is a cybercrime defined as the practice of sending fraudulent emails claiming to be from a reputable source in order to trick a user into revealing personal information such as passwords, personal information, credit card numbers, and other sensitive information. Cyber criminals may also compromise a victim’s email account by using precursor malware which enables the attacker to use a victim’s email account to further spread the infection. -
Remote Desktop Protocol vulnerabilities
Remote Desktop Protocol (or RDP) is a proprietary network protocol that allows individuals to control the resources and data of a computer over the internet. Cyber criminals use this method to access a range of information through the internet from user credentials or control the victim’s system. -
Software vulnerabilities
Software vulnerabilities are probably the most common way attackers use to access a user’s sensitive information. According to the FBI, cyber criminals recently exploited vulnerabilities in two remote management tools used by managed service providers (MSPs) to deploy ransomware on the networks of customers of at least three MSPs.
What does the FBI say when your system gets infected?
Should I pay the ransom? The FBI says no. The FBI warns users that paying the ransom DOES NOT guarantee that you will regain access to your files. In a statement, the FBI says “Due to flaws in the encryption algorithms of certain malware variants, victims may not be able to recover some or all of their data even with a valid decryption key. In addition, paying ransoms emboldens criminals to target other organizations and provides an alluring and lucrative enterprise to other criminals.”
Regardless of whether or not you have decided to pay the attackers, the FBI urges you to report ransomware incidents to law enforcement. This provides the FBI data on critical information that they need to be on top of as well as hold the attackers accountable under the law.
What can I do to protect myself against Ransomware?
What else can you do?
Managed IT Services is the way to go! You might be asking - if it’s as simple as installing an antivirus, doing a quick lecture with my employees, and ensuring that I have antivirus software in place, why should I hire a professional?
Easy. Peace of mind.
Instead of spending your time learning these stuff then educating your employees about the different types of Internet pitfalls, why not just focus on growing your business?
You might be rolling your eyes but please - hear us out!
Managed IT service providers exist to help your business cover your IT needs which, in turn, allow businesses to lower costs and become more effective in its day-to-day operations. These services may vary from server management, customer support, server backup, to - you guessed it - network security.
And, as we’ve talked about before, data is king in today’s world. Almost every single business decision now relies on acquired data. That’s where we, as managed IT service providers, come in.
“Managed IT service providers oversee large data centers and put multiple layers of protection in place,” says Isanov. “However, users may still be breached by hackers. It is of utmost importance to understand that as technology improves, the type of attacks become more intricate as well. All hope is not lost though - as long as each security layer is kept up to date, we would be able to see attacks from a mile away.”
Still unconvinced? Or do you want to know more about how you could better protect your business? ETech 7 offers a free network check for your business!