In some weeks, our New York and Connecticut-based IT service provider Apex Technology Services would get multiple calls from companies hit with ransomware – insidious software that locks up your computer network and doesn’t let you access your files unless you pay a ransom. A look back at some of our articles shows we have been focusing like crazy on education… We believe if companies and users in general are knowledgeable, they are less likely to have problems. For example in one week, we had a call from a major international company that we have all heard of – one of their divisions didn’t have backups and they were hit with cryptolocker. They paid the ransom. They felt they had no choice. The other call came from a small to medium business with a full time IT person who had backups scheduled daily but no archived backups. In other words, the backup they had also contained the ransomware. I am not sure which is the worse situation, to think you are prepared and find out you aren’t or to know you aren’t.
In 2013 we described why you should work with an It service company to minimize the chance you get a malware infection. Later that year, we emphasized the importance of backups. We also asked if you have a disaster recovery plan that same year. There is a point here. Apex Technology Services is the partner of over 100 companies – from Fortune 200 to doctors, dentists, lawyers and many financial organizations. We are growing quickly because we provide the best service level we are aware of at prices which customers tell us are reasonable. Most of them save money and some tell us we’ve saved their businesses. To be honest though, we try to put them in a situation where they don’t even know we’ve saved them because the goal is to be proactive and solve problems before they happen. This is why we write so many articles and this is why we hope you’ll read and share them so you become aware of all the things technical you should, to safely work on your computer system. We are more than a cybersecurity company of course, we also help companies become more productive and efficient through an array of IT services but I digress.
We wanted to share some important information with you. One of our most popular recent posts was titled Your Ransomware Payments may fund ISIS and could get you Indicted and in it we went on the record saying that ransomware payments must be north of one-billion dollars per year. At the time, we could find no other entity which placed the number anywhere near a billion dollars. We couldn’t back it up – in fact, no one really can because many companies and people don’t report when they get infected. It turns out now that the FBI has confirmed this number. Which again, we are fairly certain they are guessing at. They estimate the amount extorted in the first quarter alone is over $200 million. Also, it is unclear if this is in the US alone, if it includes businesses and if it takes into account productivity losses (we don’t believe it does.)
You can see from the CNN article that Ransomware awareness is becoming mainstream which is a good thing. Computer users have to not only worry about having their data locked up, they have to be concerned they aren’t funding terrorists by paying the ransom. The US government in fact tells you explicitly to no pay it. The only way to be safe is to have a plan ahead of time and then test the plan to be sure you are prepared. We offer tools like network anomaly detection which can minimize the effects of an attack but there is no way to guarantee you won’t get hit. Regardless of what your vendors tell you. We are unfortunately all vulnerable because software itself is inherently full of holes which need to be secured.
It does seem that you need to be an expert to be safe and this is likely a big part of why so many companies are looking to outside experts – so they can focus on their own businesses.
Whether you become a customer or not, we hope that you will benefit from our content and share it with others who can use it. If you do decide you need assistance – anything from auditing your systems to look for holes, cybersecurity training, managing your servers, placing our techs in your office full or part time, we hope you reach out and allow us to become a valued partner.