A recent ZDNet article, Ransomware: Five reasons why your biggest security headache refuses to go away (written for small, medium, and even some larges businesses continually concerned about ransomware) discusses five reasons corporate IT managers need to remain concerned.
The reality is, it’s not just corporate IT managers who need to be concerned.
Malware, and ransomware specifically, is going to impact us all for some time to come. Here are five reasons why. The reasons are surprising, but perhaps even more surprising is that many are under our control.
Become a Patron of Ask Leo! and go ad-free!
Ransomware — nothing more than particularly destructive malware — will be with us for some time because people fail to take the steps needed to keep themselves, their businesses, and their families safe. Difficult and impractical to track down and stop at the source, prevention remains the only pragmatic solution.
Nobody thinks they will be the next victim
Like teenagers who consider themselves invulnerable, it’s not uncommon to think it won’t happen to you.
You’re smart. You know what to look for. You’d never fall for it. You do all the right things.
Until, of course, it happens anyway.
In the business setting, it’s easy to believe that because you know what you’re doing, and you’ve told everyone else what to do and what to look for, that you’re covered. Not until after the fact do you find out that not everyone got the memo or understood what it meant.
The same happens at home. Just because you, as the “keeper of the computer”, know what you’re doing doesn’t mean other family members or guests do.
You must assume it can and will happen to you and the equipment you oversee, and you must prepare.
Security basics are ignored
The most common reason you hear about corporations and businesses suffering data breaches?
Unpatched software.
In other words:
- There’s a bug in some software — say Windows itself.
- That bug can allow malware to do nasty things.
- That bug is known to malware authors, who are actively writing malware to compromise systems having the vulnerability.
- There’s a fix available for the bug. People with the fix (provided through normal update channels) no longer have the bug, and their systems are safe from compromise.
- Some organizations, for whatever reason, have not yet taken the patch to get the fix: they remain vulnerable.
Being vulnerable, the malware comes along and *poof* — ransomware or some other form of malware wreaks havoc.
This exact same scenario plays out at home. Keeping your system up-to-date with the most recent security fixes is one of the most important ways to protect yourself from any malware, including ransomware.
Staff aren’t taking security seriously
In business, it’s easy to see security as a distraction from getting your work done. It takes extra time, it takes extra steps, it takes extra thought.
It’s something that gets in the way. Besides, “it won’t happen to me” (see point one, above).
In the workplace, it takes one employee to let their guard down, and modern malware, including ransomware, can quickly breach defenses and compromise more than just that employee’s computer.
The same is true at home. The weakest link in your computer security may not be a “what”, but rather a “who”.
Who’s most likely to ignore your security admonitions? Who’s most likely to consider all this security “stuff” an annoyance to be worked around or ignored?
Who’s most likely to do everything they can to watch the dancing bunnies promised in a malicious email?
Security is everyone’s responsibility. Even so, every user should have access only to what they need, so as to reduce the impact should they fall victim.
Catching ransomware gangs is far too hard
This isn’t something you can do anything about but be aware of, and it applies to individuals and businesses equally.
It’s incredibly difficult to track down, round up, and prosecute those responsible for malware and ransomware. The internet is global, so your local authorities can do little, and those with the ability to reach across borders to do this kind of work are already stretched as thin as you can imagine.
On top of that, not all countries are as aggressive about stopping or prosecuting the miscreants as we might like. Heck, we’ve even heard of the exact opposite: government-sponsored malware.
Know that malware, and specifically ransomware, will be here for some time, and take steps to protect yourself.
Too many businesses pay the ransom
Why does ransomware exist? The same reason as spam: because it works.
It doesn’t take many victims paying up to make the whole endeavor worth it to the purveyors of ransomware.
And once again, there’s nothing you can really do about this. If no one paid the ransom, there’d be no reason for ransomware, but that’s not going to happen. I get that sometimes it’s a business decision to get a business back on its feet, but the reality is, doing so only encourages more ransomware.
If you’re infected with ransomware, never pay the ransom.
Being prepared with a good backup strategy and a good safety strategy can take ransomware from an expensive, time-consuming disaster to an (albeit frustrating) annoyance at worst.
Ransomware is just malware
I’ve been saying this for a very long time, but ransomware is “just” malware. Yes, it’s malware capable of exceptionally painful destruction, but it remains just another form of malware.
That means you don’t need to take extra steps to protect yourself from ransomware specifically. If you remain sufficiently protected from malware in general, as you should already be, then malware is no additional threat. Having a recent image backup reduces the vast majority of ransomware attacks to mere inconveniences: simply restore the backup and go on with your life.
Stay safe, back up regularly, and use common sense.
Still concerned? Start here: How to Avoid Ransomware — the 3 Things You’re Hopefully Already Doing.
Do this
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!
Podcast audio
Footnotes & References
ZDNet.com: Ransomware: Five reasons why your biggest security headache refuses to go away — August 2, 2020.
“That means you don’t need to take extra steps to protect yourself from ransomware specifically. If you remain sufficiently protected from malware in general, as you should already be, then malware is no additional threat.”
I’d say that is only partially true. While ransomware is only malware and prevention is the same as for any malware, once it has gotten on your machine, it has one additional vector of attack. More recent forms of malware can encrypt files on your attached drives so one extra step is to make periodic copies of your backup files to unattached drives. Additionally, you can use Macrium Reflect paid edition for backing up which protects the backups against ransomware encryption.