Did we get you to click? That’s how the bad guys get you, too. One little click on the wrong link and your clients’ businesses could be up the proverbial creek.
Theft only comprises one aspect of the activities cybercriminals undertake, but it’s a sizeable chunk of their enterprise. What’s worth noting is what the thieves are stealing. The majority of cybercrime is focused on stealing data with the intent of selling it for profit to a third party, but what keeps one little malware family in the headlines is how differently it plays the game. In a recent conversation between Webroot Chief Technical Officer and rocket scientist Hal Lonas and Penton Technology Market Analyst Ryan Morris, we can see how ransomware is rewriting all the rules.
During the discussion, Lonas noted, “the bad guys used to want your data because it was valuable to them. If [they] could get your credit card number or your identity or a secret from your company, [they] could go sell that.”
When Morris asked what makes ransomware different, Lonas had this to say: “The interesting thing about ransomware is that criminals are now saying, ‘Your data is valuable not to me, the bad guy, but to you. How much is your data worth to you?’ They’re betting that you don’t have any backup and protection in place, so their angle is to take your data and hold it for ransom until you decide what the value is, and then you pay them.” So, while conventional security threats may steal information to sell down the line, what sets ransomware apart is that it seeks to extort money from the victimized company itself.
Morris responded that he’s heard about modern companies with robust security operations run by professional in-house InfoSec teams who, as recently as this year, have paid ransoms. “That blew my mind,” he stated. “I, perhaps naively, thought we’d solved these types of problems.”
Layered Security is the Game Changer in Fighting Ransomware
The question is: if even large businesses with high-powered, fully-staffed dedicated IT departments are having a hard time with these threats, what hope do smaller businesses and the managed service providers (MSPs) they trust to secure them have to fight back against ransomware?
Morris raised the questions, “How can we win the battle in the ransomware universe? What preventive steps should we take, and what ongoing measures should MSPs and end users implement to protect themselves from ransomware threats?”
Lonas cited these key strategies for a solid cybersecurity defense:
“Investing in backups and data security is of paramount importance. That’s hardly new advice. It applies to everything from business security to homeowner’s insurance. But, with a threat like ransomware on the loose, it’s more crucial than ever to make sure our data is securely backed up and that we can recover it quickly, easily and in its entirety. We also have to test the backups; spend a little extra time and money verifying that the recovery systems are going to work.
“From there, we need to make sure we have a multi-level security approach in place. We’ve talked about this for years—the layered security approach—to ensure that malware and other types of breaches don’t get through, and each new attack vector can mean a new layer. Sometimes this causes redundancy, but as long as the various layers work in harmony, they provide comprehensive security that can prevent breaches. Firewalls, next-generation firewalls, web filtering, proxies, VPNs… we have to ensure all of those protection layers are deployed.”
As he continued, Lonas made sure to emphasize the importance of endpoint security. “We have to have world-class endpoint security on all of our machines: the Windows machines, the Apple machines, and the mobile devices, including bring-your-own-device.” According to Lonas, every device that could conceivably connect to a network needs protection so that it doesn’t become the gateway for cybercriminals to infiltrate an organization.
The More Your Clients Know…
Finally, user education is critical. Lonas concluded his recommendations by stating that users need to be aware of the types of threats they’re going to face, the various kinds of phishing attacks, fake messages, emails, and even phone calls they might get from people claiming to be tech support personnel who just need a password to make a quick update. “Bad guys are always figuring out new ways to get to us,” he warns. “The combination of layered security that covers all potential threat vectors, solid backup and recovery strategies, and user education is the only way companies can protect themselves, their employees, and their customers from ransomware.” Existing Webroot MSPs can take advantage of the tools and content available in the ChannelEdge Toolkit and use it educate and inform their clients on threat protection and industry best practices.
Get Ready, Get Set, Take Action
Adopt a next-generation endpoint security solution that uses advanced behavioral technology and real-time detection to keep users safe. Take a 30-day FREE trial of Webroot SecureAnywhere® Business Endpoint Protection—no risk, no obligation to buy. You don’t even have to uninstall existing security.
As an MSP that sells Webroot, We have to say we have had far less problems with secuirty, virus’, malware and ransomware. Webroot has made managing our clients much easier and given a great sense of safety.
One point to make, most small business’ seem to opt for USB hard disk backup. Understandable as they are cheap for large storage, however, ransomware loves external drives and we have been called to a few sites where the client have lost backup and data to ransomware.
I keep getting this link errorworningvirusalirt.xyz but can’t get into support for help.
Hi Darrel,
Please reach out to our Technical Support Team at your own convenience for assistance:
Support Number: 1-866-612-4227 M-F 7am−6pm MT
Send us a Support Ticket: https://detail.webrootanywhere.com/servicewelcome.asp
Warm Regards,
Josh P.
Social Media Coordinator
I agree entirely regarding layered security protection and the importance of regular, verified backup.
Challenge: While Apple has a competent apps and files backup in Time Capsule, Windows, to my knowledge, is a comparative nightmare. To resist and ignore a ransomware penetration, one must wipe their drives, reinstall Windows, reinstall each application, authenticate license numbers w/ each app vendor, and only then be able to access their business and personal data. Presuming the latter was backed up error-free. For me and my SOHO network the above would be at minimum a two full day process.
Anything on the horizon to make backup and restore in Windows a more PITA-free experience?
Thanks,
— Lyn