There are many different kinds of enterprises out there. And though the individual goals of these businesses may differ, one unifying thread connects them all: the need to access and protect information. Whether it's a major software company or a local flower shop, every company keeps track of and interacts with data. When the accessibility and security of that data is compromised, the aftermath can be harsh. And for companies not in the enterprise cloud, a malicious incursion can be devastating to business.
A law firm learns about the pitfalls of physical storage the hard way
For Charlotte, North Carolina lawyer Paul Goodson, the email that infected his firm's system looked like any other, according to WSOCTV. Because the firm's business phone system was known to send voicemail messages in the form of email attachments, Goodson thought nothing of one such email which appeared to contain a link to a voice message.
But once that attachment was opened, the firm quickly realized that they had unleashed a firestorm. Suddenly, every document in the company's system was inaccessible, and taking their place was a cyber ransom note to pay $300 for the recovery of the files – or else. By opening a single email, Goodson's firm had fallen into the trap of eastern European-based cybercriminals with singular goal: extract as much money as possible from vulnerable businesses.
Malware with a focus on exploiting company vulnerability
Goodson's firm had become the latest victim of CryptoLocker, a virus that illustrates the increasing sophistication of malware and the threat it poses to the business community. Traced to Poland and Russia, the virus has been profiting off enterprise weakness since September 2013, with an estimated return of $30 million as of February.
Businesses that are particularly threatened by this malware are those like Goodson's firm, which, according to Techworld, kept its information in an internal company server. Therefore, all the malware needed to do was infect a single space – in Goodson's case an email attachment – in order to easily overtake the company's information infrastructure. Scrambling through his files after the breach, Goodson discovered to his dismay that all of them – Word documents, PDFs and everything else – were encrypted.
In that moment, Goodson and his firm became just another victim – completely at the mercy of their attackers.
"The virus also warned if you tried to tamper or decrypt anything, it was going to be permanently locked and you could never open it," he said.
To Goodson, there was no alternative but to pay the ransom. However, according to WSOCTV, nothing happened when he did. Apparently Goodson had spent too much time deploying his company's IT team to defeat the virus, causing the malware to permanently seal off access.
A move to the enterprise cloud may have meant crisis averted
Had Goodson taken to the enterprise cloud, the crisis scenario he found himself in may have been avoided. That is because each business cloud platform has its own rigorous security protection infrastructure that prevents against malicious incursions.
Operating a business in the cyber age has myriad benefits, but there are also drawbacks. After all, the malware community is a sophisticated one, and its attacks are strategically focused on targeting enterprise weaknesses.
As Detective C.J. DeCarlo – an officer who specializes in cyber crime – pointed out, "These people are out to get money."
The intrinsic vulnerability of a physical storage platform is one reason why Goodson ended up forking over $300 – and it's another factor that explains why so many businesses are turning to a cloud service provider to meet their needs.