Back to blog

Ransomware Attacks: What You Need to know

A ransomware attack on a gasoline transport company in the United States is driving a surge in gas hoarding and potentially gasoline prices just as the country’s recovery from the pandemic and summer travel heat up. Naturally, the attack is also raising the public and businesses’ interest in ransomware and cybersecurity.

Business woman hand typing on keyboard with secured lock concept around

What Is Ransomware Attack

Ransomware is a type of malicious software designed to block access to a computer or computer system until a sum of money is paid. Paying the ransom doesn’t necessarily guarantee the access will be restored.

While details of the US ransomware attack haven’t been released, ransomware attacks generally begin simply with phishing emails or drive-by downloading when a user inadvertently visits a malicious website and the malware is downloaded and installed without the user’s knowledge. See our post, “True Crime! The Real-Life Story Of A Phishing Attempt,” to learn how phishing can impact a small business.

The Weakest Cybersecurity Link

While there are many sophisticated technology safeguards available to help detect and prevent ransomware attacks, most organizations that experience this type of cybersecurity breach find that human error and breakdowns in the process are the weakest links in most cybersecurity programs.

Humans are creatures of habit, and we’ve been programmed to click on links. We click on links to delve deeper for information and to complete actions like making a purchase or downloading a file. Clicking on links has even become a key performance indicator for marketing campaigns and websites, i.e. click-through rates. You may even have clicked on legitimate links within this blog post. Despite the best efforts of cybersecurity experts, businesses we work with, and the media to warn users against indiscriminately clicking on links from unknown or unsolicited sources and checking to make sure emails are legitimate, phishing accounts for 90% of data breaches.

Weak passwords, perhaps more disappointingly, are also still a problem. Nearly every application we use—whether online shopping, banking, or entertainment—contains a password strength indicator. Still, passwords with only four characters remain a problem because they are the easiest to guess because of the limited number of potential combinations as our video explains. Passwords must be a minimum of eight characters (alphanumeric, upper & lower case, and special characters).

When You detect Something Suspicious

Falling prey to a cybersecurity attack is a question of when not if. Here, human nature fails us again. Employees might be hesitant to self-report clicking on a suspicious link or even reporting a suspicious email. They may be embarrassed or fear negative consequences for inadvertently contributing to a breach. They may even ignore suspicious activity because of a busy workload.

But any delay in acting on suspicious activity can have far-reaching and dire effects. Employees need to know that they will not be disciplined for inadvertently clicking on links or reporting suspicious emails. They need regular impactful training on what to look for and how to avoid cybersecurity threats. And they need to know to react and to react quickly!

As our video outlines,

  • Change your passwords
  • Contact your IT support
  • Scan network to look for malware and threats
  • Provide list of contacts affected
  • Notify your coworkers
  • Verify any emails received that may involve protected information

If a breach has occurred,

  • Contact your cyber insurance provider
  • Contact your legal counsel
  • Contact customers, banks, vendors, etc.

Far-Reaching Effects of a Breach

Cyber breaches have far-reaching effects. The first wave is lost productivity as employees report and respond to the incident. In the case of ransomware, employees may be denied access to systems necessary to do their jobs. Customers and contacts will feel the effects. Depending on the type and size of the breach, breaches may have to be widely reported to customers and even the public. In the case of a breach of financial data or personally identifiable information, the business will likely have to pay for credit monitoring for affected customers. There may be steep fines and certainly a reputational hit to an organization for failing to protect its or its customers’ data. Cybersecurity insurance will likely only cover a portion of the actual damages.

Technology offers only limited protection against cybercrime. Cybersecurity technology must be enabled, updated, and monitored. SMBs often lack the resources they need to keep up with the technology demands of their organization—not to mention cybersecurity. Many SMBs have difficulty performing software patches, deploying devices, keeping up with password update requests, enabling and updating anti-virus and anti-malware software, updating firewalls, segmenting servers, and resolving relatively minor IT incidents. And that may be why so many businesses continue to take a reactionary rather than a precautionary approach to cybersecurity.

Yet, as the ransomware attack cited at the start of this post demonstrates, the consequences of a breach can be far-reaching. Working with an IT partner can greatly alleviate an SMBs IT load and greatly reduce cybersecurity risks.

Contact MicroTech Boise to help alleviate your technology concerns.

The Ripple Effect of a Cyber Breach