Skip to main content

When a major institution such as the University of Calgary reveals that it was forced to pay a $20,000 ransom in order to try and recover critical system data resulting from a cyberattack, you have to wonder if smaller businesses can protect themselves.

Criminals are making money hand-over-fist with ransomware. It's on the rise in Canada and everyone is a potential target.

What is ransomware?

Story continues below advertisement

Ransomware is a type of malware (bad software) that scours your computer and network for files (documents, pictures, videos, etc.) and then stops you from accessing those files using encryption. It locks you out from your own data.

Criminals use a number of techniques–like phishing e-mails–to trick you into infecting your system. Once they have a foothold, the ransomware is delivered and that foothold turns into a stranglehold.

This process is entirely automated, very effective, and extremely profitable for these criminals. Profit is the motivation here and because you value your data, everyone and every business is a potential victim.

Ransomware is a low risk/high reward activity for these criminals. Fortunately with a few simple steps, we can rebalance this equation.

Prevention

The first thing you need to do is to reduce the risk of infection. We know that criminals like to try and trick victims through phishing emails. These messages look like legitimate messages about an outstanding invoice, incoming shipment, or something else designed to get you to click on their links. Make sure that your business is using a strong e-mail protection gateway to filter this spam out. You don't have to buy your own, you can get this type of filtering as a service. It's well worth the investment.

The second thing you need to do is to ensure that your software is automatically updating. Most software (whether it's your desktop, tablet, phone, etc.) offers this as an option. It's free, highly effective, and you don't have to lift a finger after you turn it on.

Story continues below advertisement

With your software up to date and strong e-mail filters in place, you can round out your prevention steps by using a modern anti-malware program. Defending yourself online requires multiple layers of protection and a constantly updating anti-malware program will help reduce your overall risk of infection.

Recovery

There are some "experts" out there that will tell you if you do everything right, you won't ever get hacked. Sadly, the situation isn't that simple. Taking the steps above will help reduce your risk of infection but you still should have a plan in place to recover in case you are successfully attacked using ransomware.

This is where regular backups come into play. Backups are the unglamorous workhorse of a good recovery plan. The good news is that backing up your data has never been easier.

Depending on your setup, this could be as easy as getting an external hard drive and using your computers built-in tools to regularly backup your data. Most ransomware will try to attack your backup, too, so it's a smart idea to keep your backup drive disconnected when not in use.

Remember to plug it in once a week (or every night if you generate a lot of data) in order to keep your backup up to date. Either way, make sure you put a reminder in your calendar to run the backup regularly and – just as important – periodically test it to make sure it's working.

Story continues below advertisement

It's worth taking the time to do it right, especially when you consider that ransomware is on the rise and is only going to get worse. Criminals are simply making too much money–about $300-million globally over the past two years–to stop any time soon.

Mark Nunnikhoven is vice president of cloud research at Trend Micro, an IT security company.

Report an error
Comments

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • All comments will be reviewed by one or more moderators before being posted to the site. This should only take a few moments.
  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed. Commenters who repeatedly violate community guidelines may be suspended, causing them to temporarily lose their ability to engage with comments.

Read our community guidelines here

Discussion loading ...

Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.
Cannabis pro newsletter