(Updated 17 May 2017 in light of the WannaCry ransomware attacks)
On 12 May 2017, organisations worldwide felt the scourge of one of the biggest malware attacks to take place in recent history. Aptly named WannaCry, the malicious ransomware swept across over 100 countries and infected over 57,000 computers running on out-of-date Microsoft systems.
Here in Singapore, most companies were fortunate enough to remain unscathed by the attack. The Cyber Security Agency of Singapore (CSA) also issued a statement that no critical infrastructure in the country had been affected.
Even so, ransomware attacks are not new to Singapore companies. Last year, homegrown baking supplies company Phoon Huat was hit by a ransomware attack. They got off lucky; the attackers were "just playing around" and so the company didn't incur financial losses.
But for many small and medium enterprises (SMEs) running on old systems and lean IT resources, these attacks can prove financially deadly. In 2016, ransomware attacks on businesses increased three-fold — from one attack every two minutes in January to one every 40 seconds in October. And with over 62 new ransomware families introduced in 2016 alone, it's no surprise that global cybersecurity providers like Kaspersky Lab named it as a key concern.
Now, in the wake of the WannaCry attack, cyber security firms warn of another wave of ransomware attacks. "We do expect copycat activity in the coming days," says Nick Savvides of Symantec to Channel NewsAsia, adding that the next wave is unlikely to contain the 'kill switch' that stopped WannaCry from spreading further.
Ransomware is a sophisticated malware that encrypts and blocks access to your files, applications, servers or computers. Until you pay a ridiculously expensive fee to the attacker to unlock your system, your system is basically useless (hence the term 'ransom').
Not only is it insidious and tricky to prevent, ransomware can affect your system through a myriad of ways — emails, websites, thumb drives and more. Attackers also regularly alter their programs so the ransomware attacks avoid your company's antivirus detection.
Here's how a 'ransom' message on an affected computer might look like:
There are some factors that set ransomware apart from other malware:
Because that's where the money is. Although more individuals than companies are affected by ransomware every year, companies are more willing to pay big to retrieve their critical data.
SMEs are a favourite target, because many SME leaders tend to be unaware of the cybersecurity risks out there. Other reasons include:
Prevention is always best when it comes to cybersecurity. Keeping your software and cybersecurity systems and antivirus protection updated, and making sure your employees don't open any file from suspect sources are some of the basic best practices for prevention.
Unfortunately, due to ransomware's insidious nature, it's tough to ensure you're 100% protected, even if you've cybersecurity measures in place.
Once an attack happens, your fastest option (apart from paying the attacker a ridiculous sum) is to recover affected files from your backup system. This depends on whether your backup system is still intact. There are malicious ransomware strains that target backup drives attached to your server, resulting in both your live/actual data and backup being held hostage.
One way to ensure your backup data stays safe from such attacks is to back it up offsite in the Cloud. At AFON IT, we offer you an advanced Microsoft-backed Cloud Backup solution to safeguard your critical data. It's an offsite backup solution which stores daily server backups in Microsoft Azure's secure cloud storage.
Unlike traditional methods which involve tape cartridges ($6,000 to $10,000) that are unwieldy and susceptible to damage, our Cloud Backup solution gives you:
If you’d like to learn more, please call or leave a message for our IT consultants here, and we’ll be glad to provide more in-depth explanation.