If your business is hit with ransomware, it is unexpected and shocking. A ransomware attack is not something that people constantly think about and always assume it can never happen to them. According to Varonis, nearly 56% of organizations reported a ransomware attack in 20191. When a business experiences a ransomware attack, it always comes with financial loss, business interruptions, and a lot of frustration. Some businesses bounce back but some do not.
A recent example of a recent ransomware attack is SEC Info, a subscription-based compiler of documents filed with the Securities and Exchange Commission. The owner, Fran Finnegan, was celebrating the 4th of July weekend when a customer noticed his website was inaccessible. Fran then realized hackers got into one of his servers, encrypted his data, and were holding it for ransom.
As of July 22, the website infosec.com is still down. Fran decided not to give in to the hackers’ demands. His research said the hackers are linked to a group that is known to take ransom money and not provide the information needed to release the data. He chose to build everything back manually.
Fran suspects the hackers were able to get into his system through a stolen password. He was using the same password for one of his servers as his email account. Fran had been using the same credentials since he founded SEC Info 24 years ago. He later discovered multiple of log-in attempts from an outside source in June 2021.
This situation highlights the importance of password protection. With the proper steps taken, crises like this could be prevented. Some of the examples of mitigation steps are:
- Set a password policy for your company. Ensure everyone is using passwords that are complicated along with a mix of upper and lower-case letters, numbers, and special characters.
- Require your staff to change their passwords regularly.
- Implement Multi-Factor Authentication (MFA). Multi-factor authentication is the most prevalent way to secure your accounts: It asks you to authenticate that you are who you say you are by supplying not only your passwords, but a unique code from your phone or an external application.