Ransomware: The new threat to your website.

Ransomware, once a menace mainly for consumers, has recently become a significant threat to business websites, even small ones. Please read the following important notice about this new risk and our recommendations for mitigating it.

WHAT EXACTLY IS RANSOMWARE?
Ransomware is a form of malware that encrypts or hides a victim’s files. The attacker then demands a ransom from the victim to restore access to the data, usually via bitcoin payment so the attacker can remain anonymous.

HOW RANSOMWARE WORKS
Hackers, employed by sophisticated criminal enterprises and governments like China and Russia, continually attack websites until they gain access. Once inside a website’s administration panel, they kidnap the site’s data files (by moving them or encrypting them) until a ransom is paid to release them.

In the case of most clients, the files affected could be a database of items in inventory system, or simply pages in a WordPress website. But the most important thing to know is that at the end of the process, the files cannot be decrypted without a mathematical key known only by the attacker. The user is presented with a message explaining that their files are now are now inaccessible and will only be decrypted if the victim sends an untraceable Bitcoin payment to the attacker. The costs can range from a few hundred dollars to thousands, payable to cybercriminals in Bitcoin.

HOW CAN YOU PROTECT YOUR SITE?
We strongly advise that all clients take the following actions:

  • Improve passwords and update them monthly:
  • Make sure your password is a combination of alphanumeric characters, symbols, upper and lower case characters and is at least 12 characters long.
  • Do not use the same password for all your different website logins.
    Change your passwords monthly to keep them doubly secure.
  • Store users’ passwords in encrypted form. This ensures that even if there is a security breach, attackers do not get their hands on actual user passwords.
  • Upgrade to two-factor authentication
    We recommend that all client sites implement two-factor authentication for all logins. That means we’ll install an additional security feature on your site, that requires you to enter an additional code to login to the site, usually sent to your cell phone via text message.
  • Add a web application firewall to your hosting package

A Web Application Firewall (WAF) inspects incoming traffic and weeds out malicious requests –- before a hacker gets to your site. These could-based systems are available to add to your site for a small monthly fee added to your hosting.

To learn more, please consult the following article, courtesy of ZDNet.

To discuss options for your site, please contact Lyn Nielsen at [email protected] or 631.428.4654.