It seems innocent enough, and happens all over America any given day. After a stressful week, you ask an employee to order a pizza lunch to reward your staff. Your office orders from a rotating list of local pizzerias, so the employee searches online for the menu, downloads it, calls, and places the order.
Increasingly, downloaded files of this nature contain a risk of serving up malware to your network.
Once malware is activated, criminals can take control of your data and hold it for ransom. Businesses are major targets because often business owners will pay large sums quickly to regain control of their business data.
In the past year, two First Business Bank clients were victims of this crime. One client made the decision to pay the requested ransom in bitcoin. In that situation, they got back some access, but not access to all of their data, which is very common. Working with criminals, there are no guarantees they’ll follow through on their promises.
The other client said, “Well, that’s how it goes,” and marched forward without paying the ransom, never receiving access to the encrypted data.
These two situations underscored, in my mind, that no one is safe from ransomware demands, no matter if you outsource your IT function or it’s performed internally. It’s extremely important to educate your employees to try to prevent ransomware scenarios as much as possible. Always back up your data to an off-site location, separate from your network.
As a business bank, we are on the front line of helping clients who are in these unfortunate situations, which is why we recently published three new resources:
- Ransomware: Tips for this Top Threat to Your Business
- Ransomware Prevention Checklist
- Ransomware Reporting Checklist
If I can make a difference with these best practices and get through to one business owner to prevent one crime, it’s worth it. The productivity alone lost in these ransomware cases is astounding, not to mention when they lose control of sensitive data to criminals who can use it for financial gain.
Our clients are very busy people and it’s more difficult than ever to elevate IT security as a top priority, but the alternative may be perpetually losing complete control of all data. How will that affect your business?