Ransomware threat alert by Intermedia’s VP of Security
This notification was recently emailed by our VP of Security and Privacy to all Intermedia customers and partners. This is an extraordinary action that underscores the risks that ransomware poses.
However, every business is at risk, regardless of who provides their IT. So we’re reposting this note to help spread the word about this grave new malware trend.
Dear customers and partners,
This is a message from Ryan Barrett, Intermedia’s Vice President of Security and Privacy. I’m writing because I want you to be aware of a growing malware trend: ransomware.
This email includes an overview of the problem, advice on preparing your business for ransomware outbreaks, and links to a number of helpful resources.
WHAT IS RANSOMWARE?
Ransomware is a type of malware that blocks access to your computer system until a sum of money is paid. Many businesses are currently being targeted by “crypto-ransomware”, which actually encrypts the files on your computers. The attackers will only provide a decryption key if you pay them.
HOW SERIOUS IS THE THREAT?
The potential loss, however, is more than the cost of the ransom payment. The real damage comes from user downtime: when ransomware hits, your files may be locked and inaccessible for days, unless you have business continuity plans in place (more on that below).
Even if you pay the ransom, you’re strongly advised to wipe infected computers. This suggests that you will likely suffer downtime no matter how you respond to the criminals’ demands.
HOW DO YOU GET INFECTED?
Ransomware infections happen primarily through phishing emails. A user receives a seemingly innocent email and opens the attachment or clicks a link to download malware.
For Intermedia’s email customers, your inbound email is scanned and filtered for all known malware, including all known ransomware variants, based on industry leading virus signature databases. Unfortunately, there are entire criminal industries dedicated to developing new variants that are unknown to filters.
This is why it’s critically important to take the prevention steps listed below.
HOW TO PROTECT YOUR BUSINESS
I’m encouraging all Intermedia customers to take the following steps.
- Make sure you have file backups. If you don’t have file backup in place, I advise you to deploy a service immediately. I recommend SecuriSync by Intermedia as both a recovery solution and a business continuity solution, but any service can provide an alternative path to file restoration other than paying ransom.
- Educate your users about phishing. Good tips for helping your users recognize suspicious emails are contained in this Intermedia blog entry about phishing prevention.
- Educate your users about ransomware. Intermedia’s marketing team recently published a detailed report that provides a great overview of the ransomware threat. You can also watch this video playlist that I put together.
- Build a containment plan. Ransomware has been known to propagate from one user to another. This Intermedia blog entry interviews Intermedia’s own security team on how we would contain an outbreak.
- Deploy a business continuity solution. As a 2-in-1 file backup and sharing service, SecuriSync has a unique feature set that enables business continuity during a ransomware outbreak. Read more or watch this video.
LEARN MORE AT A LIVE WEBINAR
On May 4th at 3:00 PM Eastern/12 Pacific, I’ll be joining Intermedia’s SecuriSync Product Manager Bojan Dusevic on a live webinar to discuss ransomware and offer more details on how to protect your business.
This will be useful for all businesses, whether you deploy SecuriSync or choose a different backup service. I encourage you to register. (Partners, we have a special webinar for you on May 5th at 3:00/12:00. Partners register here.)
If you have further concerns about ransomware, feel free to contact your Intermedia Account Manager.
VP, Security and Privacy