Unless you've been under a rock the last week, you know ransomware attacks have lead to chaos across the globe. For those that don’t know, ransomware is a form of malicious software (malware) that infects and locks a computer. It can only be unlocked by paying a ransom to cybercriminals. Don’t pay and your files get erased.
Most small business people tend to think, That’s a problem for someone else. I don’t need to worry about that. Wrong. Consider:
- Gigabit Geek is a small business (an IT business no less!) that was hit by ransomware. The attack started with a single user reporting a missing file. Soon, almost all the company’s files were locked down. Gigabit refused to pay the ransom. Its files were erased. Gigabit then spent several weeks manually restoring its files from a backup.
- The Sheriff’s office in Maine’s Lincoln County also got hit. Sherriff Todd Brackett didn’t want to pay the ransom either, but because of limited resources he soon paid. “We are cops,” he told NBC News. “We generally don’t pay ransoms.”
- In 2016, Hollywood Presbyterian Hospital was hit by a huge ransomware attack. “The malware locked access to certain computer systems,” according to a statement. The hospital decided that “the quickest and most efficient way to restore our systems and administrative functions was to pay the ransom.”
Cybercrimes, especially ransomware, have been growing in frequency and in severity in recent years, and the newest, biggest targets are small businesses for a very simple reason: a small business is unlikely to have the security system of a major corporation, but is more likely to have more money to pay up than a nonaffiliated individual.
RELATED ARTICLE: THE EMERGING TECH THAT COULD BOOST YOUR SMALL BUSINESS
Because of this, small business owners must be extra careful vigilant as the effects of such attacks can be devastating. Here’s what you need to know:
Ransomware is a form of malware that functions solely to encrypt your files. Ransomware viruses can get onto your computer via deceptive email attachments or infected website links. After the link or attachment has been opened, the virus installs on the computer and can spread across the network. Once the virus encrypts your files, your computer goes into total lockdown mode.
What happens next?
From this point forward, a timer starts clicking. The user will be given instructions on how to pay the ransom in an allotted amount of time, usually 72 hours. If you don’t pay, all encrypted files will be deleted.
The ransom is typically required to be paid in Bitcoin currency, and is usually between $300 to $500. Cybercriminals try to keep the ransom within a semi-reasonable range so that the user is more likely to pay up.
What are your options?
Unfortunately, once your computer is infected, your options are both limited and undesirable. You can:
Pay the ransom.
Restore your computer and recover your files from a backup.
Recover and restore: If you have no file backups, then you can hire an IT pro and try and recover your computer and files.
How can you protect your business from ransomware?
The best way to protect your small business from ransomware attacks is to take preventative measures. The good news is that these measures are simple, cheap and easy:
- Keep your antivirus software up-to-date.
- Educate your staff about ransomware. Show your team what phishing emails and links look like so that nothing gets clicked or opened in the first place.
- Backup all your files, and keep your backups up-to-date. You can do this with online cloud software or with a good old-fashioned external hard drive.
About Steve Strauss
Steven D. Strauss is one of the world's leading experts on small business and is a lawyer, writer, and speaker. The senior small business columnist for USA Today, his Ask an Expert column is one of the most highly-syndicated business columns in the country. He is the best-selling author of 17 books, including his latest, The Small Business Bible, now out in a completely updated third edition. You can also listen to his weekly podcast, Small Business Success.© Steven D. Strauss.
Bank of America, N.A. engages with Steve Strauss to provide informational materials for your discussion or review purposes only. Steve Strauss is a registered trademark, used pursuant to license. The third parties within articles are used under license from Steve Strauss. Consult your financial, legal and accounting advisors, as neither Bank of America, its affiliates, nor their employees provide legal, accounting and tax advice.
Bank of America, N.A. Member FDIC. ©2017 Bank of America Corporation