How much money would you be willing to pay a cybercriminal to unlock your computer system?
$100? $700? $10K?
If you’re a business owner who does not have a data backup, you don’t have much of a choice.
Leominster, Mass., Public School District just paid $10,000.00 worth of bitcoin to hackers in exchange for unlocking their computer system. They became a victim of the notorious cyber attack known as “WannaCry,” a variant of ransomware.
Ransomware: A type of malicious software that hackers use to hold vulnerable computer systems hostage until a sum of currency is exchanged.
With ransomware becoming a household name, business owners should ask themselves…
“Why do I still not have a backup of all my data?”
It’s true. The Leominster Public School District could have easily avoided becoming a victim of ransomware with a minimal amount of effort, simply by backing up their data.
Not only could Leominster Public School District have saved themselves an astounding $10,000.00, they could have also saved themselves unwanted publicity and two weeks of downtime. Source: sentinelandenterprise.com
The city’s Police Chief, Michael Goldman, advised Paula Deacon, the superintendent, to pay the ransom.
Unfortunately, community taxpayer dollars were used to pay the ransom, which has angered some in the community.
Finally, the school district negotiated with the cybercriminals to obtain proof that its files would be unlocked. (Sometimes hackers do not unlock files once a payment is made.) The hackers sent decryption keys that unlocked some of the school district’s files to prove they could decrypt the rest. Once the full payment was made in bitcoin, the computer system was unlocked.
How was Leominster School District affected?
- Teachers and administrators were locked out of their email accounts
- School lunch payment software NutriKids was down
- Various websites operated by the district were down
- Their data was locked
How are these ransomware attacks coming through?
- Ransomware commonly enters through infected files or attachments that are opened in emails, or through intrusions into a computer system.
- Hackers also get in through an open port, which is the digital equivalent of an unlocked door.
How Leominster School District could have prevented becoming a victim of ransomware:
Leominster School District simply needed a clean offsite backup of their data.
This case is a reminder to all businesses to assess their vulnerabilities.
- We strongly recommend that every business have regular backups of their data, including on-site and off-site data backups that are regularly tested.
- Having up-to-date malware protection and giving your employees phishing training can greatly help.
- Keep your software up to date: hackers look for outdated software because they know its vulnerabilities.
In the event of a ransomware attack, users can restore their systems using their data backups instead of being at the mercy of a hacker.
Pros and Cons of paying the ransom:
Please note: The FBI does not normally encourage victims of ransomware to make payments to hackers.
Pros:
- Possibly faster than restoring from data backups
Cons:
- You never know if the cybercriminal is going to provide you the decryption key to unlock your computer system.
- Tracking the bitcoins is nearly impossible
- No criminal investigation will be launched since solving this crime is considered “impossible”
- Helps support the development of better ransomware
- Rewarding crime
- Can be complicated and time consuming to purchase bitcoin and transfer to the hacker (consider using a third party with experience)
- Time to decrypt your files
Hyphenet, a San Diego Managed IT Service Provider
The takeaway lesson:
Leominster Public Schools have taken measures to help limit their liability if they should be attacked again.
With the daily news stories of ransomware affecting both large and small businesses, we hope that businesses will at least obtain a backup of their data.
We’re a managed IT service provider in San Diego, CA. To help businesses mitigate ransomware, we also provide free on-site network security scans. This is the perfect opportunity for small businesses to gauge the health of their network and make necessary efforts in securing their network. We provide unbiased recommendations and a full report. There’s no obligation to buy anything. Feel free to give us a call: (619) 325-0990
Take our word for it: ransomware isn’t going away anytime soon. Please look at the alarming facts about ransomware below:
- The 2016 Cybercrime Report from Cybersecurity Ventures predicts cyber crime will cost the world in excess of $6 trillion annually by 2021, making it more profitable than the global trade of all major illegal drugs combined.
- “WannaCry” has infected hundreds of thousands of computer systems in over 150 countries. Source: ABCNEWS.com
- “Ransomware has very quickly become the most successful and common form of cyber crime.” Israel Barak, chief information security officer at Cybereason, a Boston-based cyber security firm.
- Cyber crime will more than triple the number of unfilled cybersecurity jobs, which is predicted to reach 3.5 million by 2021. Source: CSONLINE.com
- Billionaire businessman Warren Buffett takes it a step further and says that cyber attacks are the number one problem with mankind, even worse than nuclear weapons. Source: CSONLINE.com