A popular restaurant chain in Canada, Recipe Unlimited, was recently hit with a ransomware attack. CBS News reported that the restaurant group received a message from hackers that read:
“There is a significant hole in the security of your company and we’ve easily penetrated your network.”
Hackers responsible for this ransomware attack in Canada claimed that they “encrypted” their files “with the strongest military algorithms.” Restaurant owners were then instructed to pay a ransom in bitcoin to get all their data restored. The amount of the ransom was unclear.
Another message said, “The final price depends on how fast you write us.” The hackers promised that the ransom amount would go up if the restaurant were slow in responding. Each day they delayed would cost another 0.5 bitcoin, which currently equals more than $4,000 Cdn.
The restaurant’s owners quickly realized that ransomware is much different than malware. The hackers take control of your database and refuse to give you access until you pay the ransom. That means you cannot conduct the business of any kind. All your programs, records, and IT resources stop working. Even bringing in a top technology guru requires time and their services will come at a premium.
Once you get hit, there’s not too much you can do—Especially if you own and run a busy chain of favorite restaurants. In the case of Recipe Unlimited, several locations had to close their doors and were not able to serve customers until the issues were dealt with.
Ransomware Attacks On the Rise
IT experts across Canada are warning business owners, schools, and organizations about the dangers of ransomware. In the past, hackers only went after big enterprises because they assumed they could get a bigger payday. But today things have changed. Restaurants, small businesses, hospitals, and colleges are the newest targets of cybercriminals. Why? Because they’re usually not well prepared.
Often a restaurant or small business doesn’t have the budget for the best IT security. They typically don’t take a proactive stance. Employees are untrained about the dangers of phishing emails. This leaves them wide open to ransomware attacks. All it takes is one careless employee clicking on a malicious link to stop everything at your eating establishment.
Usually, if attackers can infect one machine, the virus will quickly spread to the others. In restaurants, this includes cash registers that take payments, point-of-sale devices and dozens of computers and servers.
What Can You Do To Avoid Becoming a Victim?
In recent months, Hollywood Presbyterian Medical Center suffered a rather severe ransomware attack that encrypted much of the hospital’s network. Hospital administrators were beside themselves with worry. They had sick patients who needed their medications and treatments, but suddenly, their entire network just stopped working.
Eventually, they discovered that they’d been the victim of a ransomware virus known as SamSam. This dangerous threat is self-replicating, so it can quickly infect hundreds of machines on a hospital or corporate network. The hospital wound up paying $17,000 in Bitcoin to get their files decrypted.
But this type of cyber-attack always costs more than just the ransom amount. There’s the loss of services, the damage to reputation, possible lawsuits from patients who were endangered … the list goes on.
The number one question on most people’s minds is this:
“Could these victims have done anything to stop these attacks from occurring?”
The answer is a resounding YES! If the hospital had taken the simple precaution of training their staff about the latest phishing schemes and ransomware attacks, they might have avoided the whole incident. Typically, an attack begins when one employee visits an unsafe website or opens an infected attachment. Knowledge is power when it comes to cyber-attacks.
Even after the ransom is paid and services are restored, there are still so many expensive, time-consuming steps. The restaurant is still working with the Calgary Police Service in their investigation. An active investigation into a cyber-crime like this can go on for months.
The Cost Of Ransomware Attacks Is Growing
Today, experts estimate the cost of cyber-attacks to be between $1 million and $3 million per attack. They take into consideration the amount of the ransom, as well as the loss of business and damage to reputation. Many times, those affected will file personal lawsuits against the entity, especially where medical records are involved.
How Does A Next-Generation Firewall & Intrusion Prevention System Work?
It’s essential to have your IT company implement a next-generation firewall with an Intrusion Prevention System (IPS) to keep your computers and technology devices safeguarded against ransomware and other attacks. These can keep ransomware threats from getting into your network and stop them from self-propagating and infecting other computers and systems.
An IPS identify the dirty traffic coming into your network and stops it … only the clean traffic gets through. It finds and blocks malicious traffic so that ransomware never infiltrates your system. It also performs what’s called deep packet inspection of your network traffic to detect exploits and stop them before they reach your computers. Plus, an IPS monitors for and identifies suspicious activity, logs the data, attempts to block it, and reports it to your IT services company.
Should You Segment LANS & Connect Them To Next-Generation Firewalls?
Yes, but unfortunately many in-house techs don’t do this because they don’t realize they should. This is another reason why we see an increase in ransomware infections. If you don’t connect the VLANs or zones to a next-generation firewall, this leaves a vulnerability in your system. The firewall must be able to detect and control the traffic going through it. Make sure yours does.
Contact the IT Security Specialists at Rafiki Technologies for more information on protecting your Canadian organization against ransomware attacks.
If you found this article helpful, please visit our Media Center to learn more about these critical issues:
https://www.rafiki.ca/whats-so-important-about-my-out-of-office-message/
https://www.rafiki.ca/air-canada-data-breach-prompts-enhanced-mobile-app-security-measures/