Would your business survive a malware attack?

By Paul Johnson, President Complete Mailing Solutions


If your business were struck this afternoon by a malware attack, how would it fare? At first brush, most executives would be inclined to say they’re prepared. Upon digging further, many would find that they have vulnerabilities that could be quite disruptive and costly.

data-protection-small
When it comes down to it, there are two primary issues to consider:

  • How well are you protected?
  • How would you recover if successfully attacked?

The former has to do with protection and prevention and the latter with recovery or what is often referred to as business continuity. Each of these is an extensive topic and can’t be given their just due in one article. However, we’d like to provide insights into business continuity, helpful resources and actions you can take to move your company closer to the ideal of being able to recover without missing a beat.

The frequency and effectiveness of malware attacks are growing at an alarming rate. This is placing ever more importance on business continuity to the point where it is now a business imperative.

Is a good backup strategy sufficient?

This is an important point to consider. It primarily boils down to what you define as sufficient. How long would it take to recover using on site backups? Hours? Days? What would that cost you in direct and intangible costs? The eBook, CEO? Here’s Why You Care about Business Continuity and Disaster Recovery, is a helpful guide for executives to assess the risks and costs of downtime.

What is the difference between backup and business continuity? A picture is worth a thousand words, so here’s an infographic, Traditional Backup vs Intelligent Business Continuity, that does a nice job of
comparing and contrasting the two.

If you want to learn more about business continuity solutions and/or get an assessment for your business, call or email Paul Johnson at 303-761-0681 or Paul.Johnson@comp-mail.com

Ransomware – Brief Highlights, How It Works, How To Avoid It

By Paul Johnson, President Complete Mailing Solutions

Ransomware utilizes malware (malicious software) to make data or your computer’s operating system unreadable or inaccessible. It demands payment to unencrypt affected files or systems. However, even if the ransom is paid, there is no guarantee ransomed items will be released. According to the FBI, Ransomware attacks are not only proliferating, they’re becoming more sophisticated. Read the full FBI article here.

Brief Highlights

In its simplest form, Ransomware has been around since 1989 represented by the AIDS Trogan virus, which was distributed via floppy diskettes (remember those?) sent to World Health Organization’s international conference attendees. When the computer containing the virus was rebooted, files were encrypted and the ransom demand was made. Users paid $189 in ransom. It didn’t take long for decryption tools to recover the files and stop the attack.
Ransomware became more prominent around 2006 with a Russian-based extortion plan by organized criminals called TROJ_CRYZIP.A. This version placed files of a certain type into a password-protected ZIP folder and deleted the originals. Victims were directed to pay $300 to an E-Gold account (a precursor to Bitcoin).
Ransomware really began to explode in 2013 with the first widely-recognizable crypto-ransomware called CryptoLocker. This form of ransomware made the recipient’s computer virtually unusable by encrypting all files. CryptoLocker was delivered through downloads from compromised websites, phishing and email attachments. It was extremely sophisticated and utilized Bitcoin for payments.
Spinoffs of CryptoLocker, Onion, Reveton, Jigsaw, KeRanger (the first official Mac OSX-based ransomware), CryptXX and others, make it clear that that ransomware will continue to increase in sophistication and range. Delivery methods will expand as will types of machines affected and ransom amount. In fact, reports this year indicate Android phones are now at risk. There’s no end to the extent cybercriminals will utilize to take your money.
How to protect yourself
There are some basics to follow to protect yourself:
1. Keep your system backed up on a regular basis so you can restore your computer to a known clean state.
2. Utilize a strong and reliable security system that can identify and block ransomware threats.
3. Keep your software updated. Patches are constantly being added as viruses and ransomware are being identified.
4. Perform a full network scan to identify infected computers – isolate compromised equipment until they are complete clean before putting back into service.
5. Show hidden file extensions so you can spot a potentially suspicious file. Often “EXE” files can contain a virus. Always be wary of EXE files sent via email attachments.
6. If at all possible, don’t pay the ransom. This not only encourages the cybercriminals, but may place you in an even worse situation. There have been plenty of cases in which a decryption key was never provided or did not encrypt all files.
To learn how to protect yourself, get your free copy of the The Guide to CryptoLocker Prevention and Removal today.