Ransomware 845 A.D.

March 29, 845 A.D. The scene is Paris. Five-thousand Viking warriors plunder and occupy the city. The French king, Charles the Bald, wanting to get rid of these unwelcome intruders, offers a ransom of 7,000 livres (5,670 pounds), payable in gold and silver, if they agree to leave. As part of the deal, the Vikings promise they’ll take the loot and never return. Charles, eager to avoid a drawn-out and destructive fight and faced with a great many other kingly problems, settles up, hopeful that he’s seen the last of his northern visitors.

Charles was forced to pay a ransom, not for computer files, but for his entire realm. Unfortunately for him, the Vikings were neither stupid nor content with their score. At some point, they realized the French were easy pickings (What invading army hasn’t?) and throughout the next 50 years they continued to show up: “Say, nice little kingdom you got here. Be a shame if something were to happen to it.” It wasn’t until Paris got serious and constructed walls strong enough to repel the invaders that the incursions stopped.

In many ways, the first Viking raid on Paris is a lot like ransomware. One similarity is that the Vikings weren’t a surprise to Charles — there had been ample warning during the previous 10 years of their pillaging in the surrounding area. Charles and future kings weren’t prepared to deal with the Vikings, just like many business leaders today who fail to prepare for a ransomware attack. They know it’s out there, they’ve heard the horror stories, but they just keep their heads down and hope it doesn’t happen to their organization.

Unfortunately, sooner or later, it’s going to happen, and the results can be catastrophic. Symantec, a global-leader in cyber security, reported an average of 4,000 ransomware attacks per day in the first quarter of 2016 — a 300 percent increase from 2015. And these attacks continue to increase because people keep paying the ransoms. CryptoWall 3.0, a particularly nasty little program, alone has generated an estimated $325 million in ransom payments.

Damage from an attack is much greater than just money. Hollywood Presbyterian Medical Center in California got hit back in February, and while they only paid a ransom of $17,000, they ended up suffering 10 days of downtime. Without files, the employees had no access to e-mails, patient records, results of medical tests and were unable to perform CT scans (a loss of $1 million by itself). They had to deal with a massive disruption in documentation, lab work, and pharmacy services. Things were so bad that the hospital had to turn patients away.

So what can an organization do to prepare for a ransomware attack? What works best is a multi-layer approach:

• Maintain up-to-date security software. Antivirus programs only prevent threats that have been identified and recorded, you will need endpoint security on any device that connects to your network. This is particularly important as mobile devices become more pervasive.
• Keep all software patched and updated. It’s a great idea to automate the updating process via a patch management in your security stack.
• Conduct regular training and awareness for all employees. It’s also a good idea to regularly test employees to make certain they practice what they’ve been taught.
• Practice the “Least Privilege” principle where access is limited to only those who absolutely need it.
• Backup all your files on a set schedule, regularly and often. While more organizations are backing up their files and believe that they can restore encrypted data from such backups, only 42 percent report being able to fully recover their data. Too often backups aren’t done regularly and consistently. Be careful storing your backups — local ones and those that are accessible via networks are vulnerable to encryption too.
• Hire highly-skilled security certified professionals. Having a security certification will make you more attractive to potential employers and ultimately, get you more money.

Some people claim that walls don’t work — the French proved they did. But their walls by themselves would not have worked. They also needed dependable men on those walls who knew what to do in the event of an attack. Regular security training and skilled employees will go far toward protecting your data when the inevitable happens.

About the Author — Calvin Harper is an associate editor for GoCertify and a veteran of the publishing industry. Calvin likes to relax in the rec room by swigging diet soda from an authentic Viking drinking horn.