2017 was dominated by major ransomware attacks, a relatively new cyber threat which holds data captive until a ransom is paid. Last year’s WannaCry attack famously impacted more than 200,000 computers across the globe, with victims spanning across various industries. Just this past week, the company that makes chips for many iPhones, blamed a WannaCry variant for shutting down several of its manufacturing plants. In 2016, the number of ransomware attacks tripled, jumping from one attack every two minutes in the year’s first quarter to one every 40 seconds by the third quarter. While no organization is immune, regulated industries like healthcare, financial, and legal are more frequently targeted than others.
What is Ransomware?
Ransomware is a type of malicious software, often using a known vulnerability, that is introduced to a device typically via some combination of social engineering and carelessness (i.e. email phishing, USB thumb drive, etc.) The name ransomware comes from what happens next in an attack: once bad actors have access to a device or network, they quickly lock via encryption the victim’s files and demand payment – ransom – paid in cryptocurrency to unlock the files. Of course there’s no guarantee that the attackers will unlock the victim’s files even after ransom is paid, and even worse, the hackers could already have taken a look and found ways to further exploit the sensitive information they now control.
That’s why enterprise file sync and share (EFSS solutions) pose as a vulnerability that could potentially worsen these kinds of attacks. EFSS solutions possess large amounts of valuable data – probably all of your organization’s sensitive business documents. Most EFSS solutions automatically sync files from a user’s device up to the central (cloud) repository whenever a new version of the file is created or saved. If a file is shared with other users, the system will also sync the newest version to their devices. What does that mean if you suddenly find yourself a victim of a ransomware attack?
Consider the following scenario:
- You open on an innocent-looking email and download the attachment, which turns out to have an infected file, which immediately encrypts your files.
- Worse, your system is synced to your organization’s cloud content collaboration system, which syncs the infected file to everyone in your company. That means the file – now encrypted – is no longer accessible in the central repository.
- Not only could this attack cause panic across the company for fear of leaking business data, but this also interrupts employee productivity, forcing their workflow to grind to a halt because they can’t access their files.
Nearly 60% of businesses hit by ransomware had more than 100 employees, and 25% were enterprises with more than 1,000 employees. With so much risk at stake, your enterprise needs to implement a plan and set of tools that enable you to quickly and efficiently recover from a breach.
How BlackBerry Can Help
Cyberattacks continue to increase exponentially in size and frequency, causing billions of dollars in damage to our governments, businesses and society. Enterprise file sync and share (EFSS) solutions make it easy for organizations to share information quickly across a digital workplace, but these endpoints are quickly becoming prime targets for cyber-attackers. With an attack-ready EFSS solution, like BlackBerry Workspaces, your enterprise can quickly identify and isolate infected files and revert them to clean versions in a few simple steps.
In response to the growing threat presented by ransomware attacks, BlackBerry has integrated a new ransomware recovery feature into our Workspaces platform. With BlackBerry Workspaces’s latest security release, you can:
- Quickly contain and limit the spread of infected files
- Put tools in the hands of administrators quickly to respond to and recover from a ransomware attack, so your employees can get back to business promptly
- Leverage granular controls that allow you to selectively roll impacted users, files and folders back to pre-attack versions
- BlackBerry Workspaces’s ransomware recovery tools are readily available to the administrator to restore systems in the aftermath of an attack, with zero need for premium support or the assistance of a service provider
These features build upon the security-minded solutions BlackBerry has prided itself on to ensure businesses can keep running, employees can continue their work, and connectivity needs can be met without worry of malicious software attacks.