Posts

Ransomware: Why You Should Care

Viruses extortionists (ransomware, cryptoviruses) work in a similar way: they block the user’s desktop, encrypt important documents and files saved on the computer, then delete the originals and demand a ransom. Typically in Bitcoin, so they can provide you with a key to unlock your computer and to be able to continue working and have access to your saved files. Often the creators of cryptoviruses have strict conditions for the terms of payment of the redemption. If the owner of the files does not fit within these terms, the key is deleted and it will be impossible for the user to restore the files.

Ransomware is the most massive and significant attacks of computer viruses in the world.

Here a chronology of the first viruses in history, as well as the largest-scale virus computer attacks.

In 1971, the first program in the world, which was able to independently reproduce copies of itself on a computer network, was created by the engineer of the American technology company BBN Technologies, Bob Thomas. The program, called Creeper was not malicious: its functionality was limited to self-copying and displaying the message: “I’m the creeper, catch me if you can!” A year later another BBN engineer, e-mail inventor Ray Tomlinson, created the first anti-virus that self-replicated on the network computers and deleted Creeper.

The first virus created in 1981 caused an uncontrolled “epidemic.”  This virus spread using a technique now known as a boot sector virus. A virus called Elk Cloner was created by a 15-year-old American high school student Richard Skrenta by infecting the Apple II operating system. The virus infected the magnetic diskettes and, after the 50th access to the infected media a blank screen appears and a joke poem message was displayed. In some cases, the virus could also damage the floppy disk.

The first malicious program Michelangelo that infected over 1 million computers worldwide appeared in 1991 in Australia was written for IBM-compatible personal computers (PCs) and the DOS operating system. Other information from the disk could be restored, but it was difficult for an ordinary PC user to do it. The creator of the virus remained unknown, some cases of program activation were recorded until 1997.

On June 2, 1997, Chen Ing-hau, a student at the University of Datong (Taipei, Taiwan), created the first version of the Chernobyl virus (“Chernobyl” or CIH – according to the first syllables of the author’s name). The virus infected computers with operating systems Windows 95 and 98, triggers on April 26 of each year, the anniversary of the Chernobyl nuclear disaster. The virus erased the boot sector of the hard disk and, sometimes, the BIOS data – the boot sector of the computer. In the latter case, it was required to change the chip on the motherboard or even acquire a new computer, since the old one was out of order.

It is estimated that more than 60 million PCs were infected worldwide, and the damage exceeded $ 1 billion.

On May 5, 2000, the world’s largest epidemic of computer virus began. Created by Filipino students Reonel Ramones and Onel De Guzman, the “worm” ILOVEYOU sent itself to all e-mail contacts of the owner of the infected PC and replaced most of the files with documents, images and music on copies of itself. Only in the first 10 days of the epidemic, the number of infected computers exceeded 50 million. To protect themselves from the epidemic, many government agencies around the world have temporarily disconnected e-mail. The total damage was subsequently estimated at $ 15 billion. The Philippine police quickly found the creators of the virus. However, they went unpunished due to the lack of an article in the local criminal code providing responsibility for computer crimes.

On September 2010, the Stuxnet virus hit the computers of employees of the nuclear power station in Bushehr (Iran). It created problems in the functioning of centrifuges of the Uranium Enrichment Complex in Natanz. According to experts, Stuxnet was the first virus to be used as a cyber weapon.

Danger of Ransomware

On May 12, 2017 a significant number of computers with Windows as operating system were attacked by a virus-extortionist WannaCry. The virus encrypts user files so that they cannot be used. For decrypting the data, the attackers demanded $ 600 in the crypto currency of bitcoin.

According to Europol, the attack affected more than 200,000 computers across 150 countries. The four most affected countries were Russia, Ukraine, India and Taiwan according to Kaspersky Lab.  The attack, in particular, affected the National Health Service hospitals of Great Britain. Up to 70,000 devices including computers, MRI scanners, blood-storage refrigerators, and theater equipment have been affected. Cyber risk modeling firm Cyence estimates the potential costs from the hack at $4 billion.

Don’t Miss: The Dangers of Ransomware & How To Overcome A Cyber Attack

On June 27, 2017, from the attack of a new variant of Petya Ransomware many of large organizations have suffered in multiple countries, but especially in Ukraine and Russia.

The Petya virus spreads through links in e-mail messages and blocks the user’s access to the computer hard drive, demanding a ransom of $ 300 in bitcoins. This is similar to the malicious program WannaCry. During this attack, the radiation monitoring system at Ukraine’s Chernobyl Nuclear Power Plant  went offline. Some Ukrainian ministries, banks and metro systems were also affected. It is said to be the most destructive cyberattack ever.

The Business Continuity Solution to Ransomware

The best solution to protect your data and company from a different type of cyberattack is QBR (Quick Backup Recovery) Business Continuity Service, powered by Datto and provided by Namtek Consulting ServicesQBR entails on-site real-time data and machine backup through virtualization as well as off-site backup to the cloud. This hybrid solution allows for quick recovery during a disaster with no downtime or data loss. For more information about the latest solutions in Backup and Recovery visit us at: Quick-Backup-Recovery.com

dont-be-the-next-victim-of-a-ransomware-attack-qbr

Business Continuity

After consulting with many business owners, I realized that when software experts mention the words “business disaster” or “disaster recovery”, many people are thinking of natural phenomena, or weather events, such as floods, hurricanes, fires, ice storms, earthquakes, tsunamis, windstorms, and so on. Of course these disasters can affect a business, and they can have devastating repercussions, such as extended downtime, property damage, even loss of revenue and more. The probability, however, of such meteorological events is much lower than that of man-made technological events.

stopping time QBR

Technological and human disasters, including equipment failures, software malfunctions, user errors, security breaches, etc., can also have devastating effects on a company’s operations, resulting in downtime, lost data, lost productivity, lost expenses and more. One hour of downtime can cost companies thousands of dollars for small businesses and hundreds of thousands of dollars for large companies! It is essential to know your maximum downtime (RTO Recovery Time Objective) for your company. How long can you stop and survive? If your RTO is in seconds or minutes, it’s best to make sure you have a business continuity solution with off-site data storage.

Many companies, without a Business Continuity and a disaster recovery plan, many companies fail to recover from disasters. So, before you think to yourself, “we have great weather here or we almost never have power outages, why should I pay for a Business Continuity ?” – remember that your business is more likely to fall victim to ransomware, have an employee accidentally delete an important file or deal with a failing server. No matter how sudden and disastrous the event, you want to be protected. Ask yourself: is my company’s data worth the risk? You may have made it through the last 10 years without a disaster, but can you really guarantee that the next 10 will also be crisis-free? Your employees are human, they can make mistakes.

Ransomware attackers don’t care who you are or how big your company is, they attack everyone. We can never be too sure when a server will fail. There are no certainties, which is why it’s important to have a disaster recovery plan and a Business Continuity Service to guarantee TOTAL data protection, so you can get up and running quickly and easily. It’s not worth risking your company’s reputation and operations.

In our previous blog , we mentioned the term “data assurance”. This is how our customers see their Business Continuity Solution and service. They see it as an insurance policy in place to protect their company’s most important asset – their data! Companies are increasingly willing to pay a monthly fee for Business Continuity Services to ensure that their data is 100% protected and easily recoverable.

There’s no point in simply backing up your data only to find that after a disaster it takes DAYS to recover everything! Now that companies are using comprehensive management systems rather than keeping important information on paper, they are realizing the need for such a backup solution. They are also relying less on those outdated and obsolete tapes and drives to back up their data, and more on hybrid cloud backup.

Lately, we’ve been hearing a lot about “Ransomware”. This type of security breach is currently a big problem for companies, and even individuals, all over the world. The probability of a company suffering a ransomware attack is very high.

In 2016, the US and Canada jointly issued an alert, warning businesses and individuals of “the recent increase in extortion attacks that infect computers with viruses known as ransomware.” This virus not only encrypts a company’s data, but also demands payment to unlock it (Reuters, 2016).

The alert informed people that some of the consequences of ransomware attacks include “loss of information, disruption of current operations, expenses to restore access to company systems and damage to corporate reputation”. Governments have also discouraged victims from paying the pirates, since paying the ransom does not guarantee the release of their files. All it guarantees is that the pirate receives the money and, in some cases, their bank details. (Reuters, 2016)

Ransomware continues to dominate in 2017, with small and larger companies still paying millions of dollars to unlock their encrypted.

There are many ways in which a company can fall victim to a cyber attack. The most common are when computer users click on the wrong link or download an encrypted attachment. Other adulterations include spinning, baiting and heeling.

It’s important to understand why total data protection is essential in today’s business world. Businesses are now run and managed with software systems, so it’s important to ensure that there are no service interruptions in the event of the unexpected. Companies need to protect themselves not only against natural disasters, but also against man-made technological events, which are far more likely to occur.

Reduce your risks with a Business Continuity solution and a solid disaster recovery plan. Contact us today!

This post was updated to reflect current trends and information.

When we think about insurance policies, many of us think of the most common ones, such as health insurance, life insurance, automobile insurance and property insurance. We all know that the point of having any insurance policy is to protect your most important assets. For a company, what can be considered as important? I’d say their sensitive data! This is why I strongly urge business owners to have, what I like to call, “data insurance”.

“Data Insurance”

data-InsuranceWhat is “data insurance”? To our team at Namtek Consulting Services, it is a company’s Business Continuity and Disaster Recovery solution and plan. All of our customers, using our QBR Business Continuity solution and service refer to their monthly fee as their data’s insurance policy. They know that no matter what happens, their data is protected and easily recoverable. They are provided with real-time backups, email confirmations ensuring that all backups taken were successful, and quick recovery methods for their data during any crisis or disaster. Please don’t get this mixed up with those old backup tapes and drives. Read how Business Continuity differs from traditional backup and recovery methods.

To learn how Business Continuity works, check out these short videos on YouTube.

What do companies have to protect their data against?

There are many causes for data loss and downtime, which can include human error (accidental deletion of files or folders), natural disasters (fires or floods), power outages, hardware or software malfunction, and much more.

Ransomware

Another big threat to a company’s data is Ransomware Cyberattacks. This is considered as a growing concern in the today’s business world. Ransomware attacks are when hackers threaten companies (and even individuals) by holding their valuable data hostage and asking for a ransom in order to release their data back to them. Ransoms for individuals are usually around $500 USD but can go much higher for companies.

The ransom, in most cases, isn’t even the biggest problem to these companies. It is the downtime that they experience during this whole ordeal. Employees don’t have any access to the company’s data until they pay the ransom, causing operations to stop. By the time management opens up a bitcoin account, pay the ransom and receive the code to unlock their files from the hackers, a few days could have passed. Time is money. For many companies, this downtime could add up to a much higher dollar amount than the ransom itself.

Therefore, it’s critical to understand that ransomware affects companies in two major ways:

  1. The ransom itself, which can be upwards of tens of thousands of dollars for businesses.
  2. Downtime!

Unfortunately, the number of ransomware attacks has been increasing; hackers are realizing that not only can they target individuals, with a $500 USD ransom, but they can target all kinds of businesses, hospitals, universities, etc. in which they know the data at these places is considered to be extremely valuable to them. For Universities that do world-class research, like the University of Calgary, a higher ransom will be requested. Remember, hackers have no moral standards. They can increase the ransom as they please.

More and more, news outlets report successful ransomware campaigns that happen to individuals as well as companies, hospitals and universities.

Read: 2017-2019 Ransomware statistics and facts

 CBC News released a story about a ransomware victim who got his home computer seized by a malicious malware program and was asked to pay $800 CAD to get the code to unlock his files. He paid it right away because all of his family photos and wedding photos were held hostage.

The success rate of these cyberattacks are high due to the fact that hackers can’t get caught and they are continuously adapting to changing environments by altering the malware. On top of it, many people don’t think they’ll be a victim until they are, so they ignored expert advice to implement a Business Continuity solution and draw up a Disaster Recovery plan.

I’m here to tell you that, as a business owner, you definitely need to seek out security measures, like QBR Business Continuity, that will protect your data from these cyberattacks or any other crisis or disaster. It’s to protect you from the unexpected.

Key takeaways from Ransomware Cyberattacks:

  • EVERYONE can fall victim; from individuals, to small businesses to large enterprises
  • The more valuable your data is, the higher your ransom will be
  • There is no limit to how many times you get ransomware
  • Without a solid Business Continuity solution, once you pay the hacker, the virus remains
  • Traditional backup systems aren’t cutting it anymore for these sophisticated types of malware
  • Business Continuity saves companies from having to pay a ransom and from incurring any downtime. They can instantly rollback to the most recent time where all of their files were not infected.

 

Bottom line: Protect your data to keep operations running as usual

data-securityIn the end, what matters to every business owner, is how fast employees can get back to work or in other words, how quickly operations can resume, during all sorts of disasters or crises. Be it a fire, a flood, an ice storm (for all our fellow Canadians), a human error, a ransomware attack, or hardware malfunction, it’s important to be well protected. A company’s data is extremely valuable to their operations and it’s time business owners see Business Continuity services as their insurance policy. Our QBR customers can restore an entire server, an entire desktop or simply pick and choose a specific file they accidentally deleted. It’s that simple and truly that remarkable.

Business owners may think that the chances of them experiencing data loss or downtime are slim. It’s actually a lot more prevalent than one may think. According to Peer1 hosting, “90% of businesses unexpectedly lose access to their critical systems and one-third of them deal with downtime each and every month. The average downtime in the U.S. is 7.9 hours, and in Europe, businesses average 10.3 hours of downtime”. When this happens, and depending on the cause of downtime, these companies will suffer from loss of data and loss of revenue, amongst other major business impacts.

How much will 7.9 hours of downtime cost YOUR business?

Once you see an actual dollar amount linked to your downtime, you may start re-thinking having that “data insurance policy”.

Protect your company’s data and get some “data insurance”. Contact us about our Business Continuity service – QBR. You’ll have the peace of mind when it comes to your data’s safety.