Ransomware 101: Understanding the Growing Threat
Ransomware: a highly intrusive form of malware that essentially invades a victim's files and locks the user out by encrypting their system or files. As the name suggests, the attacker then demands a ransom from the victim in order to unlock the files and restore access.
Instructions are sent to the victim on how to pay the fee (usually in Bitcoin) in order to obtain the decryption key (unlocking of the files). Threats of deleting the files, dumping data on the Dark Web, or exposing private data to the public drive the leverage for attackers to receive payment. Costs can typically range from thousands of dollars to hundreds of thousands of dollars and even millions depending on the victim and their files.
Buyer beware! Paying a ransom does not guarantee you will obtain the decryption key.
How it works
As technology advances, so do the ways in which cyber attackers apply their methods. In the case of ransomware, the most common delivery system is Phishing or sending spam emails. The attacker targets an organization via an individual or a sends a mass spam email.
If you receive something questionable, DO NOT CLICK ON THE LINK/ATTACHMENT. Check with your dedicated security leadership if you are not sure of the authenticity of the message.
Most cyber attacks have become more elaborate and it can be hard to distinguish between a criminal and a government agency requesting your information to pay a fine. Providing any details or unknowingly downloading what is behind the fraudulent link/attachment provides the attacker with access to your system. The more aggressive the ransomware, the more damage that can be done.
Prevention Fast Facts
When it comes to ransomware, prevention is key. Here are some quick steps to help keep you safe:
Educate employees on email/attachment, web browsing protocol. It only takes one person to download ransomware.
Regularly update your operating systems.
Use next generation firewalls and antivirus tools.
Control who has network access and apply two factor authentication for emails.
Use Dark Web monitoring tools.
Back-up all your files regularly/automatically.
What this means for you
For cyber criminals, some forms of ransomware are easy to obtain and relatively inexpensive to purchasae on the Dark Web. This has created a giant influx in ransomware attacks, some data showing over 300% over the last 12 months. According to StaySafeOnline.org, around 71% of data breaches happen to small businesses.
This increase in attacks, paired with the direct and indirect costs of an attack create a higher demand for organizations to educate their employees and implement best practices.
We can help you defend your business
Are you concerned with Ransomware posing a threat to your company?
We’re here to help! Talk to a cyber security specialist today and get expert advice, proactive strategies and the right-sized cyber security solutions tailor-fit for you organization. Schedule a FREE cyber security discovery call today.