How Ransomware Cyber Attacks Can Affect Your Business

Is Your Website at Risk from Ransomware?

Many of you have heard about the massive cyber attack that has sent much of the world into ‘disaster recovery mode’. This is a great wake-up call to remain diligent and acknowledge the importance of good security practices.

As evidenced over the past few days, security of systems and data are essential for any organization to function. We have seen time and time again, an increasing volume and sophistication of cyber security threats.

Cyber Security Threats Include:

• Targeted Phishing Scams
• Data Theft
• Other Online Vulnerabilities.

Nothing in security is 100% full proof.  It is essential that you, and any staff, are proactive to ensure your systems and data are protected.

It is imperative your website is being maintained and looked after thoroughly with timely core code updates, design security patches, and website backups.

The average computer connected to the Internet can easily and unknowingly be compromised in moments.  As we saw this weekend, many attackers gain entry from simple mistakes or lack of knowledge, like clicking on links in emails from unknown sources.  You play an important role and can help protect your business, your information, and your customer’s information.  Help us help you: stay informed, ask questions when you have them, and stay current with appropriate security practices.

How to Protect Yourself from Ransomware:

1. If you use Windows, install the patch that Microsoft has released to block the specific exploit that the ransomware is using. You can find instructions on in the Microsoft Knowledge Base.  You can also directly download the patches for your OS from the Microsoft Update Catalog.
2. If you are using an unsupported version of Windows like Windows XP, Windows 2008 or Server 2003, you can get the patches for your unsupported OS from the Update Catalog. We do recommend that you update to a supported version of Windows as soon as possible.
3. Update your Antivirus software.  Most AV vendors have now added detection capability to block WannaCry.
4. If you don’t have anti-virus software enabled on your Windows machine, we recommend you enable Windows Defender.
5. Backup regularly and make sure you have offline backups.  That way, if you are infected with ransomware, it can’t encrypt your backups.
6. For further reading, Microsoft has released customer guidance for the WannaCry attacks and Troy Hunt has done an excellent detailed writeup on the WannaCry ransomware.

*UPDATE 9-13-2017*

According to leading website security company, Wordfence, ransomware is now specifically targeting websites and attempting to encrypt website files.

We also recommend that you have reliable backups. It is important that you don’t store your backups on your web server. If, for example, they’re stored in a ZIP archive on your server, then if your site is taken over by this ransomware, the backups will also be encrypted and will be useless. Your backups should be stored offline, either with your hosting provider or using a cloud storage service like Dropbox.

This newfound threat goes to show that hackers are actively trying to extort business owners and cheat you of your hard earn money.

We expect this to evolve over the next few months into fully functional ransomware that targets both your website files and database.  We also expect increasing incidents of extortion.  For websites that do not have a firewall and regular backups, this may turn into a profitable business for attackers who can ransom a few thousand websites.

The fact is that even features added to your website may make your website vulnerable.  Recently, it was discovered that over 200,000 websites were at risk due to code that enabled a feature to make the website more customizable. 

Keep Your Business Safe

We strongly recommend that you install professional website security software, or hire someone to care for your website to protect yourself and your business against these kinds of threats.

We have integrated malware scans into our firewalls as of last fall.  This allows us to use malware signatures that we create to catch ransomware variations in our firewall.  Using this technique can block an attempt to upload ransomware, even if the attacker used an unknown exploit.

Further, we suggest you ensure that you have good offline backups, and do make sure your backups are not on your web server.  Your backups need to be on a separate server or a cloud storage service like Dropbox or Google Drive.  Backups are the last line of defense.  It is better to avoid getting hacked in the first place.

If you have any questions regarding the security of your website, please contact us.