Protecting your Organization from Ransomware Attacks

By Ntiva Editorial Team | December 11, 2018

During the holiday season, employees tend to do more “multi-tasking” – i.e. online shopping when at work. Which in the scheme of things should be no big deal.

Unless the employee inadvertently clicks on a link which brings your company to a grinding halt!

Last year at this time, we got a call from a DC-based association who walked in one morning to find their on-line systems inaccessible.

One of their employees had clicked on an attractive-looking ad while on a familiar shopping website.

The employee was completely unaware that the ad had infected their PC with ransomware, a type of malicious software designed to block access to company data until a ransom is paid.

The employee never noticed the ransom message, and at the end of the day shut down their PC and went home.

It wasn't until the next morning when employees started drifting in to work, that they realized that no one could access their Association Management System (AMS.) 

Multiple employees started to report seeing ransom warnings, that would have looked similar to the one below.


bitcoin ransomware demand


And it wasn’t too long after that when the calls from the association's members came pouring in. Was the web site down? What was going on? They couldn’t access their data.

Unfortunately, by the time they called Ntiva they had already paid the ransom to the cyber criminals who – surprise! – did not release their data, even after they had followed instructions for a Bitcoin payment.

The High Cost of IT Downtime

It took almost a week to retrieve the data, a very expensive venture with techs working 24 hours a day, not to mention the cost of downtime to the organization. Most employees were unable to do any work at all.

When the restoration was complete – and not all of the data could be retrieved due to the nature of their backup and recovery solution – the painful process of notifying their legal counsel, their insurance broker and all of their association members began.

Loss of trust is a very difficult state to recover from.

It was no surprise that membership dropped off in the following year, although the organization has since worked hard at regaining credibility by creating what we call a cyber ready position.

Hackers Getting More Sophisticated

Ransomware remains a huge problem for organizations who don’t have a good understanding of the risks, let alone what they should do about it.

Hackers have become much more pervasive and sophisticated, and ransomware is now considered the most common type of malware-related data breach.

In this particular case, the very legitimate looking ad had a small piece of code deep within it, which when clicked connected the user to the criminal servers that infected the association’s computer and systems.

However, most of the time ransomware is spread by phishing, an email that appears to be legitimate and which entices you to click a link or download an attachment. Sometimes they’re so well crafted, they can bypass an organization’s email security software, DNS blocking services and even anti-virus software.

At this point you may be asking what on earth you can do about protecting your business if it’s so hard to detect these cyber-attacks.

While there is no magic solution, there are definitely steps you can take to mitigate the risk.

Key Steps You Can Take to Protect Your Reputation

The short list begins with having the proper IT infrastructure in place, which also means making sure your software is updated regularly and your network is being monitored 24/7.

Regular and consistent employee training on cyber security is the next critical step. It’s not just one and done!

And perhaps the most important item of all is having the right backup and disaster recovery solution (BDR) in place. Unfortunately we’ve gotten to the point where it’s not “if” but “when” you get hit with a similar situation.

Of course, there’s a lot more that can be layered on to enhance your cyber security. If you’re unsure of what protection you have in place, or it you haven’t had a security check-up in a long time, consider reaching out to us for a look under the hood!

Your reputation depends on it.

New call-to-action 

Tags: Cybersecurity