Ransomware: Locked Files AND a Data Breach

CryptoWall warning!!The recent discovery regarding CryptoWall has changed the way we need to respond to ransomware.

As described in our previous blog, ransomware encrypts your computer’s files (rendering all data inaccessible) and demands a ransom in order to decrypt the files.  Since Cryptocker ransomware first showed up in September 2013, there have been a number of copycats including CryptoWall, New CrytoLocker, DirCrypt, CryptoDefense, and Critroni.  These variants of CryptoLocker differ in their demands for the ransom payment and the instructions regarding how to unlock the infected machine.

While ransomware has changed, the response to these forms of malware has, up to this point, remained the same.  Companies have paid the ransom, or have removed the malware and restored files from backup.  The response now needs to change.

In May 2014, the brokerage firm of Benjamin F. Edwards & Co. was infected with CryptoWall and found that this malware may have much more serious implications.  Three days after their computer systems were compromised, the company’s investigation ascertained that customer data was transferred to a suspicious IP address.  The company therefore responded to the ransomware infection with a breach response.  They sent out breach notification letters to thousands of their current and former customers to notify them of the breach and to offer them identity protection, fraud protection and credit monitoring for 12 months at no cost.

If your employee is a ransomware target, and your employee has access to your organization’s data, your organization may have suffered a data breach.  In addition to the cost of recovering the data, if your company deals with private information, your company may now also face the extensive costs of responding to the breach.  These costs include the actual cost of staff time, mailings, and credit monitoring for affected individuals, the financial penalties imposed by regulators, as well as the indirect costs of damage to the organization’s reputation.

Breaches of private information from organizations such as financial services firms, lawyers, and companies which deal with credit card information are regulated in many states including New York.  Private information includes a combination of a person’s name, Social Security number, driver’s license number, bank account number, and/or credit and debit card number with PIN or access code.  For companies that work with personal health information (PHI), breach notification requirements are also regulated by HIPAA and the HITECH Act.

The frequency of breach reports is increasing.  The biggest percentage of healthcare breaches are still caused by a lost or stolen unencrypted mobile device.  Nevertheless, data breaches are increasingly happening by means of the Internet and they are happening to companies in many industries.  Most organizations find out about their breach from a phone call from someone outside the company.  However, ransomware is one type of breach event that the company will very quickly come to know once it realizes that all its data has been encrypted and is inaccessible.  Companies working with private information need to prepare to avoid a breach and they must have a breach response plan in place.

The best way to avoid a breach caused by ransomware is to train employees about internet security and how to recognize malware attacks.  Stemp Systems has programs designed to educate your staff and sends regular security alerts to raise awareness about new malware tactics.  Join our mailing list to help keep your company and data safe.

Email Down – Everything Down – Is the Cloud the Answer?

Email Down Microsoft Exchange was down recently on Tuesday, June 24, 2014.  The service outage of this online email service left many users in the United States without email all morning, and many into the evening.  The official downtime was 8.65 hours.  This outage resulted in many frustrated people unable to communicate and thus unable…

Data Breach: Could This Happen to Your Medical Practice or Business?

NRAD’s Breach We frequently hear stories in the news about data breaches…generally large breaches of millions or perhaps tens of millions of names, dates of birth, social security numbers and credit cards.  The exposure of 70 million names and credit card numbers of Target customers is probably the most infamous recent example. But this week…

Stemp Systems Achieves Cisco SMB Specialization

Stemp Systems Group is proud to have met all the criteria required to achieve Cisco’s Small and Midsize Business Specialization. The SMB Specialization recognizes Stemp’s focus on meeting the technology and services needs of small and midsize businesses. To earn the SMB Specialization, Stemp fulfilled all the required Cisco SMB training and passed all exam…

Technically Speaking, There Are Several HIPAA-Compliant Ways for Doctors to Communicate with Other Doctors

In this fast-paced world, medical providers save time by sending clinical information to other providers using messaging systems conveniently available on smartphones, laptops, and desktop computers.  Some medical practices have started using EHR features for sharing patient information.  In addition, many healthcare providers still rely on fax to send documents to patients, insurance companies, and…

(c) Ulistic Inc. | Search Engine Optimization Calgary | Calgary Small Business Marketing | Calgary Business Networking