Smart Business Magazine, December 2019
Smart Business Cleveland, December 2019

INSIGHTS ACCOUNTING

A growing threat

If the idea of a ransomware attack doesn't keep you up at night, it should

"Ransomware is like New York City," says Shawn Richardson, principal of Cyber Services at Rea Associates.

Ransomware is a type of malware designed to threaten to publish the victim's data or block access to company data until a ransom is paid. The two main types are designed to encrypt or lock out information, so data aren't readable and the victim cannot gain access. Locker ransomware locks the computer, server or device, and Crypto ransomware prevents access to files or sensitive data through encryption.

Believe it or not, ransomware dates back to the late 1980s with the AIDS Trojan. It's been evolving since. Just like how New York's downtown buildings have constantly changed over the past 25 years, ransomware gets bigger, better and more modern as bad actors build upon past forms.

"It's gotten sophisticated," Richardson says. The ransomware is injecting itself inside of applications, such as email, through phishing. Often, all it takes is clicking on an email to execute some malicious code. Then it attaches to local information stores like customer databases or accounts payable.

The cybercriminal promises to restore the data if the victim pays a ransom, but there is no guarantee you'll get your data back, even if you pay. In some instances, attackers ask for a little bit of money first to generate trust and then extort more funds.

Smart Business spoke with Richardson about the ransomware threat, which may loom larger than you think.

What are examples of ransomware attacks?

The most prevalent types of ransomware are CryptoWall, Locky and WannaCry. But as they get used, people take the code, make copies and improve it with higher levels of encryption. There are variants that are uncrackable, and federal authorities don't have the ability to reverse engineer the modified versions of ransomware.

In one case, ransomware was dropped into a company's Microsoft Office 365. It locked down the user database. Then it elevated the account permissions to allow the attackers to exfiltrate information and sent emails to the organization's bank. Fortunately, the federal authorities caught on to what was happening before funds were transferred.

In another instance, a services company with fewer than 50 employees was attacked. The ransomware hit the backups first, which were not properly segmented off from the existing networks, and then locked its customer database and service contracts. The business never recovered the data and ultimately had to go back to a backup that was incomplete and nearly a year old.

Do businesses need to actually be attacked to feel the effects of ransomware?

No. A business can run the risk and hope nothing will happen, but it may grow large enough that its contractual obligations with third parties require a cybersecurity framework, audit, software, etc. Otherwise, the company won't get that business.

Which companies face the greatest threat?

Small and mid-sized businesses are the most at risk today, as the lowest-hanging fruit within the threat landscape. Surveys have found an estimated 80 percent of small and mid-sized businesses have been victimized by ransomware within the last 18 months, and only 20 percent of them reported it.

These companies typically don't have an IT company with expertise in security mechanisms and controls managing their infrastructure. Owners of small and mid-sized businesses often don't put the resources into a cybersecurity strategy because they don't recognize the need, although this is starting to change as they're targeted.

Within the small and mid-sized business sector, the most targeted are health care, which includes small doctors' offices, and government organizations, like schools.

Where do you recommend businesses start with risk mitigation?

You should put in security controls and a framework to protect your company. Bring in a trusted adviser to talk about the risks within the operation and how to protect important data. Consider putting in a customized cybersecurity strategy that makes sense. John's Auto Body will have a very different approach than Bob's Dental, which must follow certain regulations.

It all starts with a business conversation, and it's critical to have that conversation before the bad actors get ahold of your information.

SHAWN RICHARDSON
Principal, Cyber Services
Rea Associates
234-249-3478
shawn.richardson@reacpa.com

Insights Accounting is brought to you by Rea Associates

WEBSITE: Learn more about how to protect your business from cybercrime at www.reacpa.com.

INTERVIEWED BY JAYNE GEST