Oops! Your files have been encrypted.

If you see this message on your computer screen, your system has probably been infected with malware. If the message declares that you can fix the problem by paying for a decryption service, you may now be a victim of ransomware. In this BlogBytes, we will review the ransomware landscape, take a look at a case study example of a police department that was attacked by malware, and understand what measures you can take to help protect your firm against ransomware with strategic support from LTO technology.

The Ransomware Landscape

According to a report from CyberSecurity Ventures, ransomware attacks cost the world $5B in 2017 and will more than double by 2019. They also predict that a ransomware attack will occur every 14 seconds by the end of 2019!

The costs of a ransomware attack can fit into two categories; above and below the surface costs. According to Deloitte, the visible above the surface costs can range from customer breach notifications and regulatory compliance fines to post-breach customer protection and attorney fees and litigation. The less visible below the surface costs can include operational disruption, lost contract revenue and loss of intellectual property which may have a costly impact for years to come.

Police Department Attacked!

As reported in a tripwire.com article, a Texas police department was the victim of a ransomware attack and lost digital evidence as well as other files that dated back eight years. The department discovered that a server had been attacked and quickly disconnected it from all other systems, to help contain the virus. The malware encrypted many of the department’s files and the attacker demanded 4,000 USD in Bitcoin to obtain the decryption key. As reported in the article, the police department consulted with the FBI that pointed out there was no guarantee the police would get their files back if they paid the ransom. The department decided not to pay.

As the article states, the virus targeted all of the police department’s documents as well as body camera video, in-car video, in-house surveillance video and photographs. Fortunately, the department kept a copy of all documents on CDs and DVDs but did not have a working backup of the evidentiary videos and photographs.

Lessons Learned – How to Prepare for an Attack

An organization facing a ransomware attack has a difficult decision to make – whether or not to pay the ransom to regain access to systems and data.  Many experts advise against paying the fee because there is no guarantee that the systems and files will be released and there may be subsequent attacks. Preparing ahead of time is the best plan to avoid an attack or to provide other options in the event of an incident.

Overall, you should follow best practices for your organization and the cloud and include these three critical steps:

  • Back-it-up: this is the number one best practice to combat malware attacks. A data protection backup plan should be created and implemented – making sure it includes an “air-gap” protection technology such as LTO tape. A tape cartridge can be removed from the system, preventing access to data on the cartridge. In other words, there is air between the cartridge and the system, meaning no electronic connection. In addition, the information can be secured with LTO hardware-based data encryption, helping to safeguard data if the tape were to get into the wrong hands. In the event of an attack, important files can be recovered from the offline tape backups.
  • Educate employees: email phishing is one of the most commonly used methods of malware attacks. Educate employees so that they are aware of this practice and teach them how to be safe by avoiding suspicious emails, links and attachments embedded in communications.
  • Create IT Health: make sure you have robust data protection anti-virus software in the office and at home. Scan often and keep security updates current. Use spam-filtering and block unwarranted sites to help prevent attacks.

Ransomware attacks are on the rise and attacks can target both small and large organizations, causing business disruption and costly recovery. Be proactive and protect your data by implementing a security plan that includes LTO technology!

Want to see LTO-8 technology in action and talk to the LTO Program’s storage experts? Visit with us at the upcoming Open Compute Project (OCP) US Summit, March 20 – 21 at the San Jose Convention Center.