If we’ve learned anything over the past 16 months, it is how quickly a pandemic can spread and take over our daily lives. After a year of wearing masks and avoiding high-risk environments, most people are ready to get back to normal, but not without the memory of how catastrophic it can be when a virus gains a foothold and–if not addressed–causes serious problems. We know because we’ve experienced it.
In the case of Covid-19, those problems included a near-complete shutdown of every major economy, overburdened health care systems, and fraught political and moral questions over how to keep people safe and beat the virus. Now, as the world gets close to the coronavirus finish line, another pandemic threatens many of the same consequences as it spreads across the globe: ransomware.
Before I go further, I want to be clear that I don’t say that lightly, and I don’t want to minimize the fact that more than 184 million people have been infected with Covid-19, and almost 4 million have died. I do, however, want to highlight that every business owner should be concerned that ransomware attacks have increased 500 percent since the beginning of Covid-19.
Certainly, we would hope that the lessons we’ve learned during this pandemic will help us be better prepared for the next. The problem is, the next pandemic is already here. It just isn’t viral–it’s digital.
Over the holiday weekend, REvil, the Russia-linked hacking group, appeared to have targeted at least 20 managed-service providers, which provide IT and backend network security services for small and mid-sized businesses. That’s the same group that was credited with an attack on one of the largest meatpacking companies in the US. The news comes after another group shut down the Colonial Pipeline earlier this year, causing disruptions across the East Coast.
Ransomware attacks involve a hacker installing software on a network that prevents the owner from accessing their devices and/or their data. Essentially, they kidnap your business and demand the payment of a ransom in exchange for releasing your network. For example, the Swedish grocery store chain Coop had to close its 800 stores because the hack caused a shutdown of its payment processing system.
In this case, the problem is complicated by the fact that the attack targeted trusted software that is usually used to protect networks and computers from malicious attacks. According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), attackers were able to exploit a “vulnerability in Kaseya VSA software against multiple managed service providers (MSPs) and their customers.”
Put another way, the attackers were able to potentially infiltrate the source code of software used across thousands of networks. In that way, this most recent incident is similar to the SolarWinds attack last year, though that attack was mostly thwarted before the hackers were able to gain complete control over the targeted networks.
While it is almost impossible to eliminate all risks of ransomware, there are a few things you can do to make your network a less desirable target. Usually, attackers are looking for high-value targets with easy-to-exploit vulnerabilities.
One of the simplest and most effective tools against ransomware is to back up your system locally on a regular basis. Those backups should then be kept offline so they can’t also be targeted by ransomware. If you have a copy of all of your data, it’ll take some work, but it’ll be a lot easier to recover than having to pay an expensive ransom, which just encourages more attacks.
Generally, security experts recommend that a given user only have the minimum level of privileges required for their work. In many cases, malicious software can’t take over a computer if the user account doesn’t have the ability to make changes at the root level.
Keep Software Up-to-Date
While we’ve seen instances where malicious code piggy-backs on legitimate software, in general, you’re safer if you keep your systems regularly updated. That means both security patches for your operating system and anti-virus software that can isolate and remove malware.
Don’t Click on Unknown Links
Finally, never click on links in emails or text messages that aren’t from a trusted source. Hackers have gotten far more sophisticated, meaning that you have to be increasingly careful whenever you open an email, but as a general rule, if you weren’t expecting to be sent something to download and install, don’t click on the link.