ransomware infection is an insidious type of malware. The infection, when launched on a host computer, restricts access and functionality until money is exchanged to remove the restriction. These attacks can happen to any business or organization in any industry. A recent attack on an Ottawa-based cabinet maker highlights the fact that anyone, at any time, can fall prey to a cyber-attacker bent on turning a computer system into a personal ATM.

IT companies like ours, Fuelled Networks, an IT support provider for small to large businesses based in Ottawa, are gearing up their capabilities to address the growing number of attacks taking place worldwide and in Canada. Understanding the prevalence of these attacks and the things that need to be done in order to address one when it happens can be a company’s best defence against a ransom demand.

Safeguarding a Business from Ransomware Infections

There is no such thing as absolute immunity from ransomware. Attackers are stepping up their efforts to find and exploit vulnerabilities in computer networks, including those using older software or operating systems. What companies can do is take proactive (as opposed to reactive) steps to protect their information.

Some of the steps that a company can take that will help lower the risk of a ransomware attack or lessen its severity seem to be a common sense approach by all companies, regardless of the industry they are in or the type of networks they are operating. These steps include:

  • Review all software. Ensure that software being used is up-to-date and that all security patches and updates have been properly installed.
  • Catalog and keep current a log with the location of the company’s digital assets. This includes mobile devices, peripherals, and any other device that may have access to a company’s network.
  • Put in place policies that prohibit the introduction of foreign software that has not been properly vetted or reviewed by a company’s IT team.
  • Place limitations on the opening of email that comes from unknown sources.

What Are Ransomware Infections?

ransomware attack can be launched remotely, through a computer network, or introduced to a business’s system by an employee. A common method for launching ransomware, like other types of malware, is through email messages that are disguised to look like an official communication. Instead, these messages become the source for ransomware to invade and take over a network.

The element of ransomware infections that differentiate them from other types of malware is the demand for money or another type of remuneration. A worldwide attack in 2017 by the “WannaCry” cryptoworm. This attack, which took place in May 2017, infected 200,000 computers in 99 countries. The software took advantage of a vulnerability in computers using an older version of Microsoft Windows’s operating system (such as Windows 7). The demand that cyberthieves made in order to remove the ransomware? Bitcoins, a form of cryptocurrency that was beginning its historic climb toward a valuation of C$26,267 (in October 2017).

The Rise in Ransomware Infections

In the U.S., their Federal Bureau of Investigations (FBI) reported over 2,400 attacks in the U.S. in 2015. These attacks cost, in Canadian dollars, C$2.1 million. These attacks were an increase of 50 percent over attacks launched in 2014. These attacks are also on the rise in Canada, as they are around the world. Industry experts such as TechRepublic predict that in 2018 and beyond an ever-increasing rise in these types of attacks, as ransomware is the leading source of malware attacks in the world. A 2018 indictment of two Iranian men by the FBI highlights the efforts of law enforcement to stem these attacks.

Companies should also consider putting in place a system of third-party review that helps ensure that policies and procedures are being observed and that regular audits are being conducted that uncover potential vulnerabilities that may exist. Fuelled Networks handle these types of attacks by employing an approach that roots out the source of the attack, neutralizes the malware, and removes it from the network.

Whether a large Ottawa hospital system (subject to such an attack in 2016 that involved a scheme designed to limit access to critical patient information until a ransom was paid. The attack was successfully repelled), or a company specializing in making customized cabinetry (as was the case of a similar call received by Fuelled Networks), all Ottawa-area companies can benefit from reviewing their IT security protocols and putting in place a team that can respond to a need for assistance should an attack occur.

I have a strong passion for helping Ottawa Businesses, Entrepreneurs and professionals to become more productive and successful while allowing them to feel at ease and secure when it comes to their Information Technology needs. As the President of Fuelled Networks since 1998, I specialize in providing no-nonsense flawless and prompt technical support to Ottawa businesses, with in-depth consulting on Fortinet, Microsoft, Microsoft Cloud Stack and security. I strive to help businesses to succeed and take great pride in building long-lasting positive relationships and taking on a strong leadership role within the Ottawa community.

Published On: 26th February 2019 by Ernie Sherman.