Could your nonprofit associations’ data be at risk? Even with good security, you may still find yourself in the unpleasant position of ransoming your data from an unscrupulous hacker.
New viruses such as the notorious “FBI” virus do not hijack your computer for their own nefarious purposes. Some viruses lock your computer down so that you cannot access any of its information. Instead, once you pay a fee – like a random in a kidnapping – the hijackers ‘release’ your computer.
If you think this can’t happen to you, think again. What used to be a threat to major targets such as large corporations or government organization is now a threat to anyone at any time. In fact, smaller nonprofits may be targeted more frequently than larger ones because small organizations do not have the means to fight back when they’re the victim of crime. Criminals such as data hijackers look for easy targets or organizations that do not have the financial resources to fight back. Any organization is at risk.
What Is Data Hijacking?
The best prevention against data hijacking is awareness. It’s important to understand what data hijacking looks like and how to prevent it from occurring.
Data hijacking occurs when a computer program called ‘malware’ enters your system. Malware means malicious software. A specific type of malware called “ransomware” enters your system through an infected email or computer virus. Most often, users inadvertently click an email link or download software containing the malicious program.
Ransomware installs on the end users’ computer and encrypts the data on the target computer so that it can no longer be read. The encryption is so sophisticated that only the operator of the program has the key that unlocks it. Hijackers demand payment for the data ‘key’ that un-encrypts or unlocks the data.
How Ransomware Gets Past Security
There are many ways in which data hijackers bypass your organization’s secure to target your computers. One common way is to clone an executive or CEO’s email address or LinkedIn profile. They then use the fake profile to send an email with a link to people in your company. They often target top executives but anyone can be targeted.
Once the link is clicked, it downloads the ransomware and locks the target computer. A message appears on the computer screen demanding payment to release the computer. Hijackers often request payment in bitcoin, an untraceable digital currency that’s easy to convert into cash.
Even after paying the ransom fee, there’s no guarantee your computer will be released. In some cases, the hijackers themselves are unable to decrypt the computers after payment is made to them. In other cases, the hijackers simply disappear with your money – and your data is lost forever.
Preventing Data Hijacking
The best way to combat data hijacking is through prevention. The following steps should be undertaken to protect against lost data from data hijacking:
1. Be vigilant when screening your emails. Do not click on links within emails unless your are absolutely certain it’s from a known sender. The same goes for attachments which can also harbor viruses and malware.
2. Keep your computer programs updated at all times. Patches and updates protect against various forms of malware, including ransomware.
3. Backup your data frequently. Store it on the cloud as well as in storage devices NOT connected to computers or the internet.
4. Use firewalls to segment company data. This way if part of your network is affected by ransomware, you may not lose all of it if some is protected behind a firewall.
5. Block pop ups and disable macros in key programs, which are often used to distribute malware.
If you suspect that your company’s cybersecurity has been breached and ransomware or malware has been launched, disconnect your computer from the internet as soon as possible. That may prevent the malware from downloading entirely or from infecting others.
Next, contact Welter Consulting. We can help you with both the immediate problem and creating a long-term strategy to protect against viruses, malware, and ransomware.
Welter Consulting bridges people and technology together for effective solutions for nonprofit organizations. We offer software and services to help you with your accounting needs. Please contact Welter Consulting at 206-605-3113 for more information.