Ransomware is not your friend. It's lurking out there to take over your computer and business systems to extort money from you. Keeping this wolf from your door takes some doing.

The sneak attacks come attached to emails. When opened, these attachments infect your computer and lock it up until you pay the ransom demanded. According to Infosec Institute, "Small businesses usually lack sophisticated computer defenses thus making them very vulnerable. An overwhelming majority, some reports by Intel say as much as 80%, of these small and medium-scale businesses don't employ data protection or email security."

Impact of ransomware

In a 2016 Osterman Research survey of 540 CIOs in four countries, 40% of the respondents said that their businesses had been attacked. A total of 47% of those were in the United States. Ransoms demanded ranged from $1,000 to more than $150,000, and 40% of the hostage companies paid.

"Results: State of Ransomware Global Rep at Black Hat 2016: 80% attacked, 40% of survey participants ransomware victims https://t.co/OOYFZRqi7Q" — LUCY Server (@lucysecurity), August 18, 2016

While 60% of the respondents said they spent nine hours or more fixing the problem, 19% said they had to stop business altogether. And the attacks endangered lives in 3.5% of the cases. A main concern is the fact that most intrusions occur on desktop computers inside the business's existing security setup.

Research International conducted a survey of IT experts and found that "43% had customers fall victim to ransomware" across 22 industries. They found 41% of the victims were small businesses that lost three days of access to their data.

Some 71% of those infected paid ransoms, typically under $500, but "while 71% of ransom pirates restore the customers' files after being paid off, 1 in 5 customers who paid the ransom failed to recover their files." While relatively little ransom money was paid by the companies surveyed, the financial impact of lost time and recovery is significant and foreshadows future losses.

Reuters, on the other hand, quotes FBI reports of business losses of $209 million in the first quarter of 2016. Pirates have hit large users like Hollywood Presbyterian Hospital, Michigan's Board of Power & Light and the Texas North East Independent School District, among others.

"The loss and exposure of confidential data from a cyber attack is costly to both the people victimized and the businesses whose data was compromised. The goals and methods of cyber attackers are evolving and will continue to evolve. With proper visibility of devices entering and leaving the network, education and training for staff, data encryption, and real-time scanning can minimize the risks if combined with proper backup and disaster recovery planning," warns Dave Philistin, CEO of Omnificent Systems.

How it works

Criminals infect computers in three ways:

Botnets, rootkits and malware installation infect a computer with malicious software that spreads to other computers and can be managed by the criminal initiator.

Spam and social engineering schemes target individual users, enticing them to open messages or offering them some opportunity for clicking through to something seemingly desirable and then releasing a virus to infect and spread.

Drive-by download and malvertising offer a double threat. The drive-by downloads malicious software without even asking you, and malvertising attaches poison to ads that attract users.

"It only takes one PC getting compromised to lead to a widespread attack. One machine can encrypt network file servers and begin attacking other PCs on the network," explains Don Pezet, super host of ITProTV.

In any business, the human resources (HR) department receives more email than other offices. HR staffers are forever getting emails from job applicants. Moreover, HR data is a priceless pirate trove of personal identity information that thieves can use to expand their enterprise.

How to safeguard HR

Writing for The Society of Human Resource Management, Aliah D. Wright reports on studies that show, "81 percent of IT professionals said laptops — both company-owned and personal ones employees use for work — are most vulnerable to a breach. That's followed by desktops (73 percent), smartphones (70 percent) and tablets (62 percent)."

Pierluigi Paganini analyzed a study by Intel Security with alarming results. Participants were given a list of emails and asked to identify those that were phishing. Paganini says that "only 3% got all answers right" and adds that "80% of the surveyed people got at least one wrong answer." If users only recognize one in four phishing emails, you get some sense of the vulnerability. So if HR is an easy and lucrative target, the business must defend itself forcefully. It's no longer a question of if the company will be attacked but when.

Everything depends on intensive education. Most of the malware comes through employee error. HR staffers must learn not to open attached files with .doc, .pdf or .txt extensions. New and current staffers need training and reminders. Corporate trainers should prepare documents and calendar sessions on instruction and updating.

IT must give them what they need in the form of strong web filters and spam management. The CIO must have systems in place to evade, quarantine and shut down invasive ransomware. Just as important, IT must have a working backup plan distinct from the business network. "It's extremely important that companies secure their backups offline to prevent them from becoming infected as well," says Pezet.

IT must implement businesswide and department-specific strategies to detect and remediate invasive software. And management and staff must know the response mechanism.

IT can segment databases and restrict access to authorized users. Segmentation could defeat contagion and networkwide damage.

HR can restrict traffic in incoming applications to a dedicated workstation. The staff can work as a unit or as trained individuals to confine such traffic to the one system.

The future of ransomware attacks

There's good news and bad news when looking into the future. The good news is that small businesses are small pickings for cybercriminals — though ransomware is a troublesome nuisance when you consider the price of defense and remediation.

The bad news is that the people behind ransomware-as-a-service (RaaS) schemes apparently see the financial promise in broader and deeper infections. That they are criminally willing and able to serve and support other criminals makes it something to fear now and into the future. The ability to field a rapid variation of infections concerns CIOs who race to get ahead of the curve.
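The attachment rule in the "How to safeguard HR" section above (staff should not open .doc, .pdf or .txt attachments, IT should supply strong filters, and incoming applications should be confined to a dedicated workstation) can be enforced at the mail gateway instead of resting on each staffer's judgment. The script below is an added example written for this page; it is not code from the article or from any company it quotes. The block lists, the example.com and example.net addresses, and the sample messages are constructed assumptions. It parses a raw e-mail, inspects each attachment's file name, declared MIME type and leading bytes, and returns a verdict: quarantine for executables, scripts and macro-enabled files, review for the document types HR has to open anyway, deliver otherwise. It goes slightly beyond the article by also sniffing the file's magic bytes, because a renamed executable defeats an extension-only rule.

```python
"""Attachment policy check for an HR mailbox gateway (example, not vendor code)."""
import os
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

# Assumed policy: extensions that never reach HR from outside the company.
BLOCK_EXT = {".exe", ".scr", ".js", ".vbs", ".hta", ".bat", ".cmd", ".ps1",
             ".lnk", ".jar", ".docm", ".xlsm", ".pptm"}
# The article's "don't open" list plus common resume formats: delivered only
# for review on the dedicated HR workstation the article describes.
REVIEW_EXT = {".doc", ".docx", ".pdf", ".txt", ".rtf", ".zip"}
# Declared MIME type a sender should use for each extension (assumed mapping).
EXPECTED_MIME = {
    ".pdf": {"application/pdf"},
    ".doc": {"application/msword"},
    ".docx": {"application/vnd.openxmlformats-officedocument.wordprocessingml.document"},
    ".txt": {"text/plain"},
}
# Leading bytes of common formats, used to learn what the file really is.
MAGIC = [
    (b"MZ", "pe-executable"),            # Windows executable / DLL
    (b"%PDF", "pdf"),
    (b"\xd0\xcf\x11\xe0", "ole-office"),  # legacy .doc / .xls container
    (b"PK\x03\x04", "zip"),               # also .docx / .xlsx / .jar
]


def sniff(data: bytes) -> str:
    """Return a coarse format label from the first bytes, or 'unknown'."""
    for magic, label in MAGIC:
        if data.startswith(magic):
            return label
    return "unknown"


def all_suffixes(filename: str) -> list:
    """'Resume.PDF.exe' -> ['.pdf', '.exe'], so double extensions are visible."""
    root, suffixes = filename.lower(), []
    while True:
        root, ext = os.path.splitext(root)
        if not ext:
            return suffixes
        suffixes.insert(0, ext)


def check_attachment(filename: str, content_type: str, data: bytes) -> list:
    """Return a list of (severity, reason) findings for one attachment."""
    findings = []
    suffixes = all_suffixes(filename)
    ext = suffixes[-1] if suffixes else ""
    known = [s for s in suffixes if s in BLOCK_EXT or s in REVIEW_EXT]
    kind = sniff(data)
    if kind == "pe-executable":  # content decides, whatever the name says
        findings.append(("block", f"{filename}: bytes are a Windows executable"))
    if ext in BLOCK_EXT:
        findings.append(("block", f"{filename}: extension {ext} is blocked"))
    if len(known) > 1:
        findings.append(("review", f"{filename}: double extension {''.join(known)}"))
    if ext in EXPECTED_MIME and content_type not in EXPECTED_MIME[ext]:
        findings.append(("review", f"{filename}: declared {content_type}, not a {ext} type"))
    if ext == ".pdf" and kind not in ("pdf", "unknown"):
        findings.append(("review", f"{filename}: named .pdf but bytes look like {kind}"))
    if ext in REVIEW_EXT:
        findings.append(("review", f"{filename}: {ext} is opened only on the HR workstation"))
    return findings


def check_message(raw: bytes) -> tuple:
    """Parse a raw RFC 822 message; return (action, findings)."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        findings.extend(check_attachment(name, part.get_content_type(), data))
    severities = {sev for sev, _ in findings}
    if "block" in severities:
        return "quarantine", findings
    if "review" in severities:
        return "review", findings
    return "deliver", findings


def build_sample(filename: str, data: bytes, maintype: str, subtype: str) -> bytes:
    """Construct a sample applicant e-mail with one attachment (test input only)."""
    msg = EmailMessage()
    msg["From"] = "applicant@example.net"      # constructed address
    msg["To"] = "hr@example.com"               # constructed address
    msg["Subject"] = "Application for the open position"
    msg.set_content("Please find my resume attached.")
    msg.add_attachment(data, maintype=maintype, subtype=subtype, filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    samples = [  # constructed payloads: only the magic bytes matter here
        build_sample("resume.pdf", b"%PDF-1.4 sample", "application", "pdf"),
        build_sample("resume.pdf.exe", b"MZ\x90\x00sample", "application", "octet-stream"),
        build_sample("resume.pdf", b"MZ\x90\x00sample", "application", "pdf"),
    ]
    for raw in samples:
        action, findings = check_message(raw)
        print(action, findings)
```

Run it directly to see the verdict for each constructed sample. In a real gateway, "review" would route the message to the dedicated HR workstation the article recommends, and "quarantine" would hold it for IT; the magic-byte check is what catches the third sample, a file named resume.pdf with a correctly declared PDF type that is actually an executable.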