According to a new report from the CyberEdge Group, 61 percent of businesses surveyed last year said they had been hit by ransomware.
Florists who have been devastated by that kind of attack know how the situation unfolds: You arrive at your shop one morning to find a message on your PC screen announcing that your computer has been hacked and your files, encrypted. If you want those files back, the message informs you you’ll need to pay the hacker for the privilege. Sometimes it’s $500, sometimes it’s $5,000, sometimes it’s more. Sometimes businesses pay the ransom, and they get their files back.
Other times, a business will pay the ransom, and the files and money are never seen again.
“There are more attacks, more sophisticated malware, and more complexity ahead relative to skyrocketing cloud usage,” said Mike Rothman, president of the security firm Securosis. “This difficulty is compounded by the global security skills shortage, and the ongoing inability for most employees to not click on links that compromise their devices.”
In fact, victims of ransomware in 2017 have included an entire police department in Dallas, a non-profit cancer support organization as well as dozens of countries whose networks were crippled by a single attack.
What’s a floral business owner to do?
Here are some best practices recommended by Joe Aldeguer, the Society of American Florists’ director of IT::
Limit employee computer logins to non-admin rights.
“This will lessen the damage inflicted on the computer system if an employee carelessly opens a malicious attachment or link in email,” Aldeguer explained. “A shop owner should have a computer use policy so their employees have clearly defined actions as to what they can do and cannot do on work computers.”
“Back-ups are the most ideal means of recovering from a ransomware attack,” Aldeguer said. “But there needs to be a monthly recovery test to make sure backup data is indeed in a good state, otherwise all that backup effort will go to waste only to find out later at a crucial time backup data was corrupted.”
Designate a POS computer.
“Computer which are used for POS, shouldn’t be used for web surfing, email access and plugged in USB external drives,” he said. “This should be strictly used for processing orders.”
Install Anti-virus programs.
“Install these programs on all work computers and enable the auto-update for the virus program to download recent virus definitions,” Aldeguer recommended.
“If guest WiFi is being offered the network has to be logically separated from the network used by computers for work,” Aldeguer said. “WiFi routers similar to Amazon Securifi Almond can be easily set up to create a guest WiFi network for customers. By segmenting your guest network, you effectively stop untrusted computers from accessing your work computers.”
Make sure firewalls on the computer are enabled on a Windows 10 computer. Here’s a good how-to guide.
Make sure your work computers are not running older vulnerable Operating Systems such as Windows 2000, Windows XP. “Anything older than Windows 7 is vulnerable to getting easily hacked,” Aldeguer said. “ If you have any of the older operating systems still running in your network you are a prime target. You could even be in violation of PCI compliance.” which could lead to hefty fines.
Have a schedule to update the operating system. This can be done automatically.
Update any other software programs installed on the computer. “Un-patched systems provide entry points for hackers to gain control of the victim computer,” Aldeguer explained.
A few final tips:
Remember, Aldeguer said, sometimes a ransomware attack can be averted by simply disconnecting the computer from the network (pulling out the network wire, turning off the wireless), if a user suspects they opened a malware attachment or clicked a link in the email.
“Typically, the ransomware program once installed on the victim computer reaches out to the Internet to pull down the encryption keys to lock user data files,” he said.
If you are a victim of Ransomware you can use this site to decrypt your data.
Finally, SAF uses a cloud services which provides advance threat protection that scans emails for unknown malware and viruses.
“We also use Knowbe4.com to give staff the knowledge needed to quickly identify phishing emails,” said Aldeguer. “These are done through a fully simulated phishing attacks with reporting enabled. By testing your users you’re able to determine who are prone to becoming victims of phishing attacks then provide them further training using Knowbe4.com vast online Security training library which comes with your subscription.”
Have questions about ransomeware? Contact Aldeguer, firstname.lastname@example.org.