Here in the blog pages of IT Support LA, we frequently remind our readers about this simple fact about Ransomware and other types of cyber-attacks: That it is not a matter of IF, it’s a matter of WHEN.
Ransomware has been growing steadily since its inception, and it has become a big problem for many people and businesses. Although the basic tenet of the attack has remained the same, its tactics and nuances continue to evolve.
What do you mean by ransomware?
Simply put, Ransomware is malware that, penetrates your computer, locks up and encrypts your files and system, and then demands a ransom in cryptocurrency for a ‘decryption key.’ This is usually both scary and costly.
This malware usually gets in through phishing emails with an enticement to click a malicious link or attachment or by visiting bad websites. Once in, it will spread throughout your network until you stop it.
What is encryption and how does it work?
Fundamentally, encryption is the process of protecting information or data by using algorithms and keys to scramble it in such a way that only the parties who have the key to unscramble it can access it. An algorithm is a set of rules for solving problems. A key is somewhat like a password that unlocks the secret message.
How can a ransomware be prevented?
Fortunately, there are many ways to stop ransomware before it hurts you. Here are some key steps:
Keep software updated
Always keep your computer and programs up to date. Updates often fix problems that ransomware uses to get in.
Install good antivirus software
Find a good, strong antivirus (AV) software, install it, and. keep it turned on and updated. AV can detect many kinds of ransomware.
View with emails with caution
Email is the #1 vehicle for ransomware attacks. Be wary of anything from people you don’t know. NEVER click links and attachments or download files unless you are sure they’re safe.
Backup, Backup Backup!
We can’t stress this enough. Reliable backups can literally save your business from going under after an attack. Copy your most important files and store them on something other than your primary computer. That way, if ransomware locks your files, you’ll still have copies.
What are the first steps after a ransomware attack?
You don’t usually have to wonder if you’ve been stricken with ransomware – it’s not shy about letting you know. First, don’t panic, but immediately take these steps:
Disconnect your device
To contain the ransomware and stop it from going any further, immediately disconnect your computer from the network and the internet. This may prevent the ransomware from spreading or worsening. The best thing to do is turn off the device. Often, trying this from the start menu will not work, so perform a ‘hard’ shutdown by pressing and holding down the power button until it turns off.
Do NOT pay the ransom!
Experts and statistics tell us that there’s no guarantee you’ll get your files back – even if you pay. Plus, once you pay, the cyber crooks view you as a sucker or ‘easy mark’ and will probably attack you again.
Immediately report the attack
First, inform your company’s IT services person or team, and then tell the police and your country’s cyber security agencies about it. In our nation, you can report it to the FBI, CISA (Cybersecurity and Infrastructure Security Agency), or the U.S. Secret Service. They can help and use the info to stop future attacks.
This is where you need your backups
Provided you have been wise and regularly backed up your data, then, once you’ve deleted the malware and wiped the device clean, you can restore your files from them. That’s what they’re for.
What is the best protection against ransomware?
Of course, you can never just go with ‘the best’ defense (our #1 below) and just leave it at that. You will want to take a few additional steps to remain safe. Once you’ve established the most basic protections, like a firewall and AV (Anti-Virus) here are 3 crucial steps:
1: Train your employees
Over 90% of data breaches are caused by unwitting end-users. This is why you need to institute regular Security Awareness Training. Train your employees about all types of attacks, including ransomware. Give them examples of what to watch out for, and what to do in case they encounter something suspicious.
2: Provide only limited access to key files
The loading dock foreman does not need access to accounting files. Not everyone needs access to everything. Provide access only to those needed to perform the job. This may limit how far ransomware can spread.
3: Institute a response plan
This should be included in an overall Backup and Disaster Recovery plan. You need to have a strategy in place in case you become a target of ransomware. Exercise it. Preparation will make you swift, and thereby contain the damages.
What is ransomware evolution in cyber security?
All manner of threats evolve over time – usually in response to new defenses put in place to thwart them, and ransomware is developing newer tricks all the time. Watch out for these:
Phones and tablet attacks
Mobile devices are often last in line for cybersecurity, and hackers are increasing their attacks on them. Not only computers but also your phones and tabs could be attacked by ransomware now. Be wary with all your devices.
Double extortion
This is one of the occasions where you don’t immediately know that you’ve clicked on a disguised ransomware link or attachment. This version takes the time to steals your data before locking it up. Then the bad guys threaten to share your private info if you don’t pay. This makes the attack even worse.
Cloud services attacks
Many companies are migrating to the cloud for storing data. Ransomware has started targeting those services too. It is up to you to ensure your cloud accounts are secure – your cloud host will not guarantee the security of your data.
Be prepared and stay safe
Do not underestimate ransomware as a very serious threat. You can protect yourself: keep your software updated, be careful online, and always have backups. If you run a business, train your team and have a solid plan. Stay alert and ready.
Don’t try to face ransomware on your own. Contact us if you need any help with ransomware or have additional questions.
Frequently Asked Questions
What percentage of businesses fail after a ransomware attack?
According to a report by StrongDM, 75% of SMBs (Small and Mid-size Businesses) could not continue operating if they were hit with ransomware.
How long does it take a company to recover from a ransomware attack?
That fully depends on the size of the company and the extent of the damage. While an average of 21 days of downtime is often cited, for companies with good IT Support and reliable backups in place, it can be as short as a day or two. But depending on the quality of those factors, it could be weeks or even years.
What is the average ransomware payout?
This has a wide range, because consumers are routinely attacked, but usually only for a few hundred bucks. StrongDM claims that 95% of cybersecurity incidents at SMBs cost between $826 and $653,587 – a pretty wide range. Throw in huge businesses and the average for 2024 was a staggering $2.73 million.
How much does security awareness training cost?
It depends on how extensive the training is, but security awareness training costs generally range from $0.45 to $60 per employee per month, or $10-$60 per employee per year. Factors like the type of training, frequency of sessions, and specific vendor can all influence the final cost.
How secure is your network?
As a reputable member of the IT Support Los Angeles community since 2002, IT Support LA offers a FREE, no-risk network and cybersecurity assessment. It is a non-intrusive scan that allows us to deliver a comprehensive report that is yours to keep. No strings, and no obligation to ever use our Managed IT Services.
The best defenses are expert cybersecurity to protect your data from theft, and a top-notch Managed Services Provider (MSP) to ensure continued reliability and defenses against newly emerging threats.
With our 100% Money Back Guarantee in writing, we offer a risk-free way for prospective clients to try us out. Because we do not require a ‘hard’ contract, our clients can fire us at any time with 30 days’ notice. We have to be good.
Among the Managed IT services we provide:
IT HelpDesk Service
Onsite IT Support
Cybersecurity
Cloud migration and management
Email migration services
Backup and disaster recovery
VoIP phone systems
IT disposition and recycling
Office moves
White label services (IT to IT)
IT Support LA is an award-winning Managed Services Provider (MSP):
o 3 Years awarded Best IT by the Small Business Expo
o Awarded 2nd best company of any type in the US by the Small Business Expo SB100
o Awarded Best IT Support in California by Channel Futures
o Winner of Best IT in Los Angeles by Channel Futures
o Listed as one of the world’s Top 501 MSPs by CRN and in the top 250 in the ‘Pioneer’ listing
o 4 years listed as one of the Top 501 MSPs in the World by Channel Futures
o Listed as #21 MSP in the World in Channel Futures NextGen 101
o Globee 2021 Bronze Award winner for Chief Technology Officer of the Year
o Globee 2022 Gold Award winner for Chief Technology Officer of the Year
o Named one of 2022’s 50 ‘Best’ businesses in California by UpCity
o Named Best of IT winner by UpCity
o Winner of Local Excellence Award for 2021, 2022 and 2023 by UpCity
o Named Best of Cloud Consulting winner by UpCity
o Certified as Top Managed Services Providers and Cybersecurity Pro by UpCity
o Named Best IT in Los Angeles by Expertise.com.
Take Action to Protect Your System Today!
Don’t wait until it’s too late to protect your system from malware. If you want help setting up a truly secure system, contact us today and also take advantage of our FREE no-risk network and cybersecurity assessment.
818-805-0909
