Blake Dowling: Ransomware, a high-stakes ‘Press Your Luck’

499979-ransomware-feature
One click and your files are toast; all encrypted.

This week, ransomware rocked a company in North Florida.

Imagine your website, email, cloud storage solutions … gone. Kaput.

You call and get a message saying: “We are down, and we don’t know when we will be back up.”

Usually, this type of encryption threat (like the popular CryptoLocker) comes in disguised as a friendly email from your financial or shipping partner.

Then, BLAMMO!

One click and your files are toast; all encrypted.

Opening email has become a high-stakes game of “Press Your Luck” (the greatest game show ever) and it usually does not happen to the tech companies themselves.

Press Your Luck: Only the greatest game show EVER.

That’s what makes this such a frightening development.

In the situation of the Tallahassee company, what they did after the fact is the worst thing you can do.

According to the Tallahassee Democrat, they paid the ransom.

Just like negotiating with terrorists, never pay the ransom.

Why? Because it only encourages them to do this to more people. What’s worse, they may or may not give you the encryption keys to get back up and running.

So, why did they pay? Usually when someone pays it means they have no backup and no other way to get back in business.

It is not the first time Network Tallahassee made the news, it would appear one of their execs is already in jail. You can read about that here if you like.

With all that, what can your company do to prepare?

First, have a bundled arsenal of cyber protection tools, including a security system with features such as GEO IP filtering to block non-USA IP addresses.

That step alone will minimize the risk of becoming a victim, as most cybercrimes aren’t from around these parts (China usually holds the No. 1 spot).

Then, keep your anti-virus and anti-spam tools current. Use modern, patched and updated operating systems, keep passwords complex, go through cybersecurity training

And if all else fails, have redundant quality backups.

Entire cities (see Jupiter, Miami, etc.) have been shut down by cybercrime, and social media accounts get hacked all the time because of poor password management (see Tampa Mayor).

Don’t let this happen to you.

The threat landscape gets more devious in 2019; the days of mass spam embedded with malicious code are winding down.

More likely, you will see emails addressed to you, referencing things you are actually working on.

This is called “social engineering.” One major downside of working in The Process (or some other high-profile field) is that your name, contact info, etc. are easy to find.

So, buckle up, tighten up and consider some phishing email testing to see which team members might be vulnerable to clicking on cyberthreats.

I have personally done this with a lot of organizations; the results are always interesting — and helpful.

Stay safe out there.

___

Blake Dowling is CEO of Aegis Business Technologies. He can be reached at [email protected].

Blake Dowling

Blake Dowling is CEO of Aegis Business Technologies. His technology columns are published by several organizations. Contact him at [email protected] or at www.aegisbiztech.com



#FlaPol

Florida Politics is a statewide, new media platform covering campaigns, elections, government, policy, and lobbying in Florida. This platform and all of its content are owned by Extensive Enterprises Media.

Publisher: Peter Schorsch @PeterSchorschFL

Contributors & reporters: Phil Ammann, Drew Dixon, Roseanne Dunkelberger, A.G. Gancarski, Ryan Nicol, Jacob Ogles, Cole Pepper, Jesse Scheckner, Drew Wilson, and Mike Wright.

Email: [email protected]
Twitter: @PeterSchorschFL
Phone: (727) 642-3162
Address: 204 37th Avenue North #182
St. Petersburg, Florida 33704