Ransomware Attacks Small Businesses
The rate of malware (ransomware) attacks on small businesses climbs at an alarming rate. The security firm McAfee warns that soon, attacks that come through social platforms will be “ubiquitous.” Small businesses are typically not able to subsidize the internal security placements to fend off these attacks, which mostly come from abroad.
Ransomware blocks your access to data, and the DoS (denial of service) attack threatens to crash your website unless you pay an extortion fee. It’s more organized, it’s more efficient, it’s more automated, it’s more stealthy.
While some businesses give in to DoS extortion demands, others won’t have it. Attacks usually start with relatively small demands, such as $300, to see who’s game. The demands will get pumped up into the thousands quickly once a businessperson pays the initial demand: Pay once, and it’s never over.
If you get a DoS, roll with it; have the extortionist think you need time to prepare payment. Then collect all relevant e-mails and other information for your defense—but not for the police (who lack tech savvy) or the FBI (unless the loss exceeds $5,000), but for your website hosting provider.
The hosting company can collect traffic logs and often can activate DoS defenses or link you to a provider of advanced DoS resolution.
A virus, however, is a different story. Once the virus gets in there and attacks your information, it’s pretty much game over.
Bottom line: Don’t pay the ransom unless you want escalating demands or the strong possibility the extortionist won’t unlock your data after taking your money. A DoS attack will render your site down for days and can permanently lose data and upset visitors.
To avoid a DoS, go anti: virus, spyware, phishing, and use a firewall and run backups. Train your employees well. You have to be conscious of where you’re going and what you’re clicking on.
Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.