Proactive and Reactive IT: An Approach to Ransomware

Being in the IT business and working with a variety of companies to address their IT needs has provided some perspective on how businesses approach their IT budgets. The fact is, most of the organizations we work with approach their IT in two very different ways, proactive and reactive.


Sadly, the reactive approach is much more prevalent

The reactive approach is becoming increasingly dangerous as ransomware attacks rise. To adequately explain and address the different approaches to IT, we will create two imaginary companies; the first is Vul. Nerable, Attorneys at Law and the second is Ready Accounting.
 
Mr. Nerable Esq. has been an attorney for a little more than 20 years and has grown his business into a very successful practice. The Vul. Nerable Law firm has three offices, 16 attorneys, 12 paralegals, and 10 support staff. He does not have a dedicated IT employee. IT is not essential to Mr. Nerable because everything works.

Mr. Nearable's approach to IT has always been to upgrade each computer workstation when it finally dies, purchase wi-fi routers from a big-box store and utilize Google for his business email solution. Mr. Nerable does have a Google Drive for his employees to store and share documents, but that is it. And if we're honest, Mr. Nerable isn't doing these things himself. His trusty executive assistant of 22 years, handles most of the IT purchases.

So, the IT budget for the Vul. Nerable Law firm is small, almost non-existent. It’s only used to replace hardware when needed, say about $10,000 per year (not including internet services). Mr. Nerable is a successful attorney and businessman. He has grand offices, expensive cars, and fancy suits; everything in his world is just right.

Now, it’s a normal day, and let's say that one of Mr. Nearables' support staff employees opens an email containing a document infected with ransomware. The employee moves the document to the cloud and emails it to a fellow employee, asking what to do with the document. A week goes by. Nothing happens at the law firm.

Early on a Tuesday morning, one of the attorneys is preparing for court later that day. They double-click the legal brief document to make some final adjustments, but instead of a familiar file, they see a pop-up screen with instructions to send $278,000 in Bit-Coin to decrypt the document. He picks up the phone and calls Mr. Nerable, who sees the same thing at his computer with a spreadsheet he is attempting to open.


Panic ensues as every employee of Vul. Nerable Attorneys at Law find they are unable to access anything, anywhere

Mr. Nerable sends an email out to the company and says not to worry because he has an external backup hard drive plugged into his computer. Unfortunately, the external hard drive is encrypted as well.

Mr. Nerable opens google and starts searching for an IT company to assist. He reaches multiple IT companies who give him a very similar answer; there is little that any of those companies can do.

Very agitated, he follows the directions on the ransomware pop-up window and proceeds to pay $278,000 to decrypt his files. The criminal on the other end of the dark web chat acknowledges the receipt of the funds and explains that the decryption will start soon. Mr. Nerable, being an aggressive attorney, demands that they decrypt the files now. There is no response back from the hacker.

He furiously waits hours, which turn into days. Frustrated, he gets back into the chat room with the criminal and forcefully asks for an update. The answer he gets back is chilling. The criminals ask for another $100,000 to decrypt it because they didn't like his attitude. By this point, Mr. Nerable has lost far more than just money. He proceeds to pay again, this time, without a word.


This story parallels an actual real-world scenario These hackers are here to exploit every dollar they can get out of you. They have no obligation to follow through on decryption. They are criminals.


Now let’s address the proactive IT business: Ready Accounting

Mr. Ready doesn't like IT but understands its importance. He has been in business for 23 years and has multiple employees. Mr. Ready contracts with a Managed IT Service to keep his business technology secure and efficient. Spending nearly $60,000 a year on his Managed IT Service, Mr. Ready knows that he could never afford a quality IT employee at that rate. It just makes good sense, and it's one less thing Mr. Ready must concern himself with.

One day, a Ready Accounting CPA opens an email with the subject 'Quarantine - Are you ready for summer?'; but it's not the actual email. Instead, it's a link to a service called Advanced Threat Protection, provided by the Managed IT Service supporting Ready Accounting. The employee clicks the link in the email, which opens a browser that allows her to view the email. The notes on the browser state in bright red 'This email may have malicious software links; if you do not recognize the sender then press 'DELETE.'

The Ready Accounting employee deletes the email, which happens inside a browser and outside the business network. She sips her coffee and moves on with her day, not even aware that she just prevented a ransomware attack.


Let’s get to the point...

While Mr. Vulnerable saved money initially by not taking a proactive approach, his team and technology were sub-par and eventually led to his inevitable encounter with ransomware. His expense may have been a one-time hit, but his loss of productivity and reputation are scars that will need to heal. The opposite is true of a well-functioning business with a Managed IT Service. Yes, they have a monthly IT support expenditure, but they are also more efficient, productive, and secure.

Which business are you? Are you adequately prepared to fend off a ransomware attack? Are your employees trained? Is your network, email, and cloud storage secure? What about your backup solution? If you can't answer these questions with a confident 'YES,' then it is past time to have a conversation with Bit-Wizards.
 
Comments
 
comments powered by Disqus

Author

Jason Monroe, Associate Director, Solution Development
Jason M. Monroe

Associate Director, Solution Development

Read more