A few years ago one would not have imagined that computer files could be held for ransom. Today, the idea of such a hack still seems far-fetched, but this was reality in late December, for a law firm in British Columbia, who never saw it coming.
[embedyt] http://www.youtube.com/watch?v=zc8LuwT6zD8[/embedyt]
Cryptowall Makes an Appearance
According to The Law Society of British Columbia, the law firm was hacked by the Cryptowall Virus on Monday, December 29th, 2014. The Law Society of British Columbia states, “The firm was advised to contact an address within 12 hours and pay an extortion fee to have the encryption unlocked. The notice further advised that if the firm did not pay the fee within the stipulated time, the fee would double.”
Not Only That
The virus warned that if they did not pay within 30 days the files would be destroyed. The ransoms ordered to be paid to save the files being held captive typically range between $100 to $300 and can only be paid successfully via an untraceable virtual currency.
There Are No Guarantees
Worth noting that there are no guarantees that the hacker will actually unlock the computer after payment has been made. There have also been cases where the authorities have found the hackers and shut them down, making it impossible for victims to have their computers unlocked even after paying the ransom.
Cryptowall Not Just Limited to BC
In the past year, similar cases of “ransomware” have been occurring throughout Ontario and are steadily growing into a severe problem. Transferred through clickable email attachments or a link to a website hosting the malware, ransomware has become a widely known type of virus and has even gone on to inspire various TV series where the plot of some of their episodes revolves around similar cyber-attacks. The question then arises: What can be done to protect your organization from these hackers?
Ransomware Preys On Human Curiousity
While all computer users should be on the constant lookout for suspicious emails and links both at home and in the office, it appears that many of these hackers are not directly attacking computer systems. It is, however, the accidental clicking by an employee who ultimately opens the wrong attachment or clicks a questionable link and downloads the malware.
The Biggest Source of Attacks
90% of computer hacks occur because employees do not take a moment to stop and think before they click on a link in an email. The best way to prevent this from happening in the first place is to educate your staff on how to distinguish between a legitimate link and a phishing attempt.
Phishing involves the use of email that appears to be legitimate, safe, and credible from a trusted source, institution, vendor, or company. In reality it is from a third-party criminal, who wants to do you and your organization harm.
The easiest way to determine if a link is legit is to hover over it with your mouse pointer and see if the actual link matches the text of the link in the email.
Hard to Believe but Not Everyone Uses Anti-Virus Software
Unfortunately, there are still a number of organizations who do not protect their computers with the proper security systems and this allows hackers to freely access the victim’s network.
Don’t Become a Victim of Ransomware
With proper education, the law firm could have avoided being hacked by the Cryptowall Virus. This would have saved them a whole lot of time, money, and stress.
The Solution
With highly qualified professionals who carry some of the highest certification credentials available, our team is dedicated to helping educate your staff on how not to fall victim to ransomware via our highly effective training program.
Call Now at 1-877-386-3763 to Schedule a Free Network Security Consultation
We will work with you to determine the best way to test the effectiveness of your organization’s network security. We can:
- Scan your network for security vulnerabilities and provide recommendations on how to fix them
- Conduct penetration testing to attack your system from the perspective of a hacker
- Confirm that your network is PCI compliant if you accept credit cards
- Audit your network if it has already been hacked
- Train your staff so they do not fall prey to phishing emails, social engineering scams and other cyber-attacks