Ransomware: Small Business Owners Beware!

ransomwareThe Democratic National Committee is not the only victim of computer hacking[1].  In June of 2016, Bloomberg[2] reported on black market access to 70,000 hacked corporate and business servers.  Even LinkedIn was victimized by computer hackers[3] who obtained 117 million passwords.

To further complicate things, these types of cyber attacks oftentimes have a global connection.  On September 28, 2016, one of the FBI’s former most wanted hackers[4] pleaded guilty to conspiring to receive extortion proceeds and illegally accessing computers.  Peter Romar, who had been arrested in Germany and extradited to the United States, was a member of a hacking group known as the Syrian Electronic Army.  The group hacked into the computer systems of The Washington Post, CNN, the Associated Press, Harvard University and many others, then threatened to cause damage or sell data unless the business paid a ransom.

Types of Ransomware

In an attempt to educate and protect business owners, the Federal Trade Commission presented a seminar on September 7, 2016, exploring ransomware,[5]  which is malware that prevents or restricts a business from accessing their own computer system.  There are different forms of ransomware:

  • Lock ransomware: Lock ransomware can prevent a small business owner from accessing certain computer functions or even an entire computer system.
  • Encrypt ransomware: This version of ransomware can encrypt certain types of files such as Microsoft documents or PDF’s.  In many cases encryption uses a different key for each file making it difficult to decrypt the files.  Once encrypted, a small business can be prevented from accessing their own information including sales data, client receipts and other documents critical to running your business.

Steps for Small Business Owners

Fortune 500 companies are not the only ones affected by malware.  The New York Times reports that in 2014, 60% of all such hacks[6] were to small and midsize businesses, with no business being too small for a cyber attack.  You may want to consider meeting with a Chicago business lawyer to discuss ransomware concerns and to review the steps that every small business owner should take to guard against these potential cyber threats including:

  • Backup: If you have not reviewed your back up system and disaster plan in the past 30 days it is important to do so sooner than later.  Cyberattacks are constantly changing and it is important that your small business is protected with ongoing backups of all of your data including at least one back up to a cloud based system so that you can access your data from anywhere.
  • Ransom: Even if those who hacked into your small business are requesting a relatively small ransom, there is no guarantee that you will gain access to your computers or your system if the ransom is paid.  More than a few small business owners have been asked for additional ransom monies after paying the initially requested amounts to the hackers. The FBI recommends that small business owners do not provide ransom monies to the extortionists[7].
  • Links and Attachments: If you own a small business, it is important that you convey to your entire staff that they should exercise caution in opening any link or attachment, even if they know the sender of the digital communication.
  • Security Audit: A Chicago employment lawyer can review your current security and disaster systems and provide guidance in determining necessary modifications including updating antivirus software and strengthening passwords.
  • FBI: The FBI[8] further recommends that small businesses 1) download software only from trusted sites, 2) never click on a URL contained in an unsolicited email and, 3) use a pop-up blocker to combat ransomware attacks.

Contact an Experienced Chicago Business Attorney

A cyber computer hack can affect any business owner at any time.  The experienced team of Chicago business laweyrs at Bellas & Wachowski are familiar with ransomware, the long term debilitating effects it can cause both you and your business, and how to deal with it when you are hit.  Call our Chicago business lawyers today for a free consultation at 847-823-9030 x216 or use our online contact form.

References

[1] Democratic National Committee computer hacking

[2] Hacked corporate and business servers

[3] LinkedIn passwords hacked

[4] Hacker pleads guilty

[5] Federal Trade Commission exploring ransomware

[6] Small business hacked

[7] Ransom extortionists

[8] FBI recommendations