This year, the city of Atlanta spent $2.6 million dollars recovering from a vicious ransomware attack. The perpetrators had encrypted data on multiple city systems and were requesting Bitcoin as payment to return order. The city was left on the hook to pay for emergency support, third party vendors and outside help.
This story made headline news due to its size and nature, but what you may not know is that these attacks are hitting businesses of every size and type. In fact, according to cybersecurityventures.com, a business is expected to be hit by Ransomware every 14 seconds by the end of 2019. Ransomware has gone from a little-known word just a couple years ago, to a 10+ billion-dollar business and growing.
What is ransomware?
Ransomware is a variant of malware that specifically holds access to files hostage. Ransomware will make your files unreadable through encryption. Typically, the only way to get your files back is to pay a ransom. Perpetrators usually request payment via cryptocurrency; it is not recommended to ever make a payment for fear that you may be targeted again.
I already have an anti-virus. Am I protected?
A good anti-virus is the first step in protecting yourself from malicious software. Ransomware, however, can be extremely difficult for your anti-virus to stop. It is often transmitted in e-mail attachments and links in malicious e-mails. These e-mails are usually “spoofed” to appear legitimate, so the primary risk in ransomware is human error. Once you click on ransomware, your anti-virus is frequently useless.
Best practice is to put DNS level security in place
The best practice when it comes to ransomware is to put Domain Naming System, or “DNS” level security in place (In addition to a cloud managed anti-virus such as Trend Micro). The DNS is the phone book of the internet. When you want to navigate to a website, you use the DNS to find the address you would like to go to. The DNS will translate “www.thiswebsite.com” into an IP address so that your internet browser can load the website.
How does DNS level security work?
We recommend Cisco Umbrella as your DNS level security. The way that it works is that when your computer goes to look up that address in the phone book, it is filtered through Cisco’s server. Anything that they determine to be a risk goes into a deeper URL and file inspection. This allows every link you click to be instantly inspected, without any delay or impact on performance. What this means for you, is that ransomware and malware are stopped before they ever reach your computers, servers or network. If ransomware somehow does make it through to one end point, Umbrella quarantines the device to prevent the ransomware from spreading to other machines or your servers.
Interested in more information?
DNS level security is one of the only ways to truly defend your business or home from ransomware. Cisco Umbrella is what we recommend to put your mind at ease. Click HERE for more information on our security offerings. Visit the contact form in the link, or give us a call at 920-885-0141 today!
If you missed part one of our Over-Watch series on anti-virus, catch up HERE.