by Eric Schlissel, CEO/CTO of Cure8

Ransomware is everywhere in the news lately. It caused the shutdown of the largest refined oil pipeline in the U.S.; disrupted the operations of the world’s largest meat processing company; and continues to disrupt operations at hospitals around the world, even as the pandemic has surged and waned and surged again. 

The question many cannabis businesses are asking themselves these days is – could I be a target, too? 

The answer is yes, since ransomware gangs target businesses of all sizes and in all industries, including cannabis. At the same time, there are a couple of reasons why many cannabis businesses are less likely to be targeted, which we’ll get into.

What Is Ransomware?

By definition, ransomware is a type of malware that encrypts your files so that they’re inaccessible and demands a ransom in the form of cryptocurrency in exchange for a decryption key to restore your data.

Ransomware is designed not only to encrypt the files on the device it infects, but also the files on anything that the device has access to, including other computers, servers, company file shares, and backups. You can run into a situation where literally all your company’s important files are encrypted before you even realize what’s happening.

Why Windows Is Key

Most forms of malware, including ransomware, are designed to target Windows devices only, mainly since it’s the most popular operating system (OS) in the world and the one that most businesses use.

Fortunately for cannabis companies, most of their actual operations don’t rely on Windows. Most cannabis point of sale (POS), enterprise resource planning (ERP), and cultivation software and industrial systems are non-Windows or cloud-based, though there are a few exceptions to this including BioTrack.

A lot of their most critical data – including track-and-trace and inventory and transaction records – are on these non-Windows platforms, and so are relatively safe from being encrypted by ransomware.

Still, a lot of them still use Windows PCs and servers in their back offices and headquarters. 

So while a ransomware infection might not be a complete disaster for most cannabis businesses – resulting in days and weeks-long outages and recoveries for the entire company – you still have to worry about critical administrative and other non-operations data being encrypted, as well as whatever damage hackers might do with access to your back office and HQ networks, including stealing intellectual property and banking info. 

Protecting Yourself from Ransomware

Firewalls

Network-level firewalls, the IT equivalent of a dispensary security guard checking IDs at the door, can protect you from ransomware by blocking traffic from unknown, suspicious, or blacklisted domains (keeping hackers from both entering your network and transferring data in and out); preventing users from accessing malware-laden sites like adult, gambling, and piracy sites; filtering out malware and spam; and alerting you to suspected intrusions.

Employee Training

The most common source of ransomware? Employees doing things they shouldn’t, like opening attachments in emails from people they don’t know, getting tricked into entering their passwords into phishing websites, visiting websites they shouldn’t be accessing at work, or setting passwords that are easy to guess. Make sure to train them on how to use IT securely when at work.

Secure Your Windows Machines

Including by protecting all Windows machines with strong passwords; setting up encryption (the good kind that prevents hackers from accessing your data); never giving users admin-level Windows access; requiring that users get permission before installing applications; giving users access to only the applications, files, and servers they need access to; applying security updates as soon they’re released; and installing antivirus or enabling Windows Defender.

Backups

Backing up your data won’t prevent a ransomware infection, but it will allow you to recover your data without having to pay the ransom. Just make sure your backups are isolated enough from the rest of your system that 1) your backups aren’t encrypted; 2) you don’t overwrite your backups with the encrypted versions of your files; 3) you don’t back up the ransomware itself.

Ransomware Isn’t Just a Threat, It’s a Wake-Up Call

We don’t know all the details about the Colonial Pipeline hack, but recall that it reportedly wasn’t actually ransomware that brought down the pipeline itself. Instead, ransomware affected some other areas of the company, and Colonial shut down the pipeline to be safe and determine the full extent of the hack.

So just because your most important applications and data are relatively secure from ransomware doesn’t mean you’re not susceptible to hacking in general.

Even if hackers break into your systems and can’t encrypt your files to hold them for ransom, they can still:

• Steal credentials
• Lock you out of your accounts
• Steal sensitive data including intellectual property, banking info, customer data, embarrassing emails, etc. and leak this data on the internet
• Use their access or stolen information to trick employees into wiring them money

So don’t view ransomware just as a threat in itself that may or may not affect your business. Cyber attacks existed before ransomware and will still exist after it, if they’re ever brought under control. 

View it as an opportunity, now that IT security is as on the top of everyone’s mind as it’s ever been, to take a serious look at your IT security and make the needed investments to protect yourself against both current and future threats.

Eric Schlissel is the CEO/CTO of Cure8, one of the world’s leading cannabis IT services providers. His company helps dispensaries, distributors, manufacturers, and cultivators throughout the U.S. and Canada to plan, install, secure, manage, and scale their IT.

He has been a featured panelist at many cannabis industry events, including those put on by the NCIA and CCIA. He’s also a respected IT thought leader outside of the cannabis industry, being quoted in publications such as Wired, the Los Angeles Times, InfoWorld, and Information Week. Outside of work, Eric can be found gardening with his two small children, trying to perfect the feat of growing a thriving basil plant and ripened tomatoes at the same time. He is currently developing in the fine art of bourbon tasting, enjoys travel, and is a foodie-wannabe.