Startups, Plan for Ransomware Before You Get Hit

- Matt Bennett -

If you run a startup or small business and are unfortunate enough to be the victim of an online attack, there is a very good chance that it will take the form of ransomware. This type of attack has rapidly grown in popularity over the past couple of years, because it is simple to execute, cost-effective, and the tools for performing it are widely available online (if you are the sort of person who knows where to go look). Unlike many more sophisticated attacks, it takes little time to set up and requires no advanced hacking skills. This makes it one of the most likely attacks an entrepreneur or solopreneur will encounter.

In a ransomware attack, the process begins with a phishing campaign – malicious links are sent out via email, social media, even text messages. Clicking the enclosed link will download the actual malware payload, a small program that will quickly start encrypting your files. Actual ransomware varies in complexity – the simplest variants will only encrypt local files, while more advanced ones may attempt to spread themselves to other connected computers and can affect an entire network. Regardless of how extensive the attack is, once the encryption process is complete you will effectively be locked out of your computer and presented with a page informing you that in order to restore access, you must pay for the encryption password so you can decrypt your files. The price can vary, but frequently will be less than $100 – and that is the secret to ransomware’s effectiveness. Faced with the prospect of losing critical files, and with a reasonably affordable solution at hand, a lot of people will just pay and get on with their lives. And since the malware can be used over and over, it becomes a numbers game – instead of some big score with thousands of dollars or a huge database of saleable information (often taking years and advanced skills to set up), ransomware generates income for the attacker a few dollars at a time, over and over.

Unfortunately, paying may not get you out of trouble. In a number of recent attacks, victims paid the ransom, but were not given a functioning key with which to decrypt their files, which remained locked. And it should be noted here that even though the malware used is simple, the encryption is typically pretty strong, enough so that without the password the files are effectively lost forever. And even if you get your files back, many more sophisticated ransomware programs will leave small, hard-to-detect residual processes behind: say for instance a keylogger, which scoops up all your keystrokes and sends them to a remote server so an attacker can look for login information, or software which creates a back door, allowing the attacker to use your computer as a foothold in a larger, protected network, like your big new client that just gave you access to their systems.

Protection from malware is a matter of preparation – if you click the link, you are likely infected, and it is too late. Consider that an infosec professional writing here was himself the victim of ransomware (although he had planned ahead and did not pay), despite having configured advanced malware scanning tools in an attempt to stop this sort of attack. Luckily, preparation is simple – back up your files. Keep a current copy of anything you are afraid to lose somewhere not connected to your computer, like an external hard drive or USB drive (yes, those still exist). Something ‘airgapped’ – not physically connected to your machine except during the backup process. Back up weekly at least, more often if you cannot afford to lose daily work. Don’t image the entire hard drive – if you do, you may also copy over ransomware that has been downloaded but has not deployed yet (see why below). Just copy your documents, pictures, etc.
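As an added illustration (not code from the original article), the following Python script implements the backup advice above: it copies only data files into a dated folder on the external drive and records a SHA-256 manifest so the copy can be checked before a restore. The extension allow-list, the `MANIFEST.sha256` file name and the paths at the bottom are assumptions chosen for the example.

```python
import hashlib
import shutil
from datetime import date
from pathlib import Path

# Assumption: this allow-list stands in for "documents, pictures, etc."; adjust it to your files.
DATA_EXTENSIONS = {".docx", ".xlsx", ".pptx", ".pdf", ".txt", ".csv", ".jpg", ".png"}

def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def backup(source, drive, stamp=None):
    """Copy allow-listed data files from source into drive/<stamp>/ and write a manifest."""
    source, drive = Path(source), Path(drive)
    if not drive.is_dir():  # the drive is only plugged in for the backup itself
        raise FileNotFoundError(f"backup drive not mounted: {drive}")
    snapshot = drive / (stamp or date.today().isoformat())
    snapshot.mkdir(parents=True, exist_ok=True)
    manifest = {}
    for src in sorted(source.rglob("*")):
        if src.is_file() and src.suffix.lower() in DATA_EXTENSIONS:
            rel = src.relative_to(source)
            dst = snapshot / rel
            dst.parent.mkdir(parents=True, exist_ok=True)
            manifest[rel.as_posix()] = sha256_of(src)  # hash the original, not the copy
            shutil.copy2(src, dst)
    lines = [f"{digest}  {name}\n" for name, digest in manifest.items()]
    (snapshot / "MANIFEST.sha256").write_text("".join(lines))
    return snapshot, manifest

def verify(snapshot):
    """Return the backed-up files that are missing or no longer match the manifest."""
    snapshot = Path(snapshot)
    damaged = []
    for line in (snapshot / "MANIFEST.sha256").read_text().splitlines():
        digest, name = line.split("  ", 1)
        copy = snapshot / name
        if not copy.is_file() or sha256_of(copy) != digest:
            damaged.append(name)
    return damaged

if __name__ == "__main__":
    # Hypothetical paths: your documents folder and the mount point of the external drive.
    snap, files = backup(Path.home() / "Documents", "/media/backup")
    print(f"{len(files)} files copied to {snap}; damaged: {verify(snap)}")
```

Run `verify()` on the snapshot right after copying and again before restoring onto a re-imaged machine, then unplug the drive.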

If it happens to you – you clicked on that link even though you knew better, and now you are looking at a ransomware lockout screen – here are the steps to follow:

  1. Don’t try to connect to anything – in fact turn off wifi (even if you have to shut down your router), unplug your Ethernet cable, do whatever you can to deny the malware a chance to spread and infect other machines.
  2. Don’t pay – remember, there are no guarantees you will get your files back, and you will need to wipe all of them anyway because of the risk of persistent threats being left behind. Assume all the data is corrupted and lost forever.
  3. Completely re-image the computer – you need to wipe the hard drive clean, then reinstall the O/S, then you can restore your backed-up files. If you have a restore disk or copy of the O/S, now is the time. If not you may need help to completely clean the hard drive – but where would you rather spend your money, with a computer tech or with a criminal?
  4. Change all your passwords – some ransomware does not immediately encrypt everything, instead it lingers for a few hours or days trying to gather passwords secretly before it locks everything down. Assume that the attacker knows all your passwords, and start changing them now that your computer is clean.
  5. Report it – take 5 minutes and fill out a complaint at the FBI’s Internet Crime Complaint Center (www.ic3.gov). It is highly unlikely that your attacker can or will be caught, but reporting helps develop accurate information about the types of attacks, the malware used, points of origin, and other useful data.

 

Ransomware, like all online attacks, is nerve-wracking – we truly realize how much we rely on our computers when someone takes them away from us. It also costs time and money (even if you don’t pay). But recognize the potential threat and plan now, and take the time to keep that backup current. Even if you become a target one day, you do not have to become a victim.

 

Image Credit: Christiaan Colen  

Aug 9, 2016 - Matt Bennett

Matt Bennett

Matthew Bennett is a corporate IT auditor, freelance information security consultant, and evangelist for small business security awareness. He is a founding partner of Startup Southerner.
