This is part one of five in a series on Ransomware that will discuss what ransomware is, key trends, types of malware, how to prevent attacks and how to safeguard your business critical data.
What Is Ransomware?
Ransomware is a type of malware that encrypts a single user or company’s files, data and information. Most commonly found in email, social networks and infected websites, it takes one click or download to encrypt business critical data. To be able to access your files again, the cyber criminals’ entice you to pay the ransom to not only decrypt the data but to also regain access into your files.
How does it work?
It takes one person, or a single workstation to cause havoc to your network. Cyber criminals study your general browsing habits: they will examine your social networks and other pieces of information to learn details about you to make their phishing emails (an email that is designed to look like it comes from a trusted source) more believable. For example: emails coming from trusted financial institutions encouraging you to update personal information (this information has to be updated in telephone or in writing) are a popular scam. By either clicking on a link in an email, or visiting a website containing malicious code, ransomware can travel across your networks and encrypt both mapped and unmapped files which brings all business operations to a stand-still. Once the scam artists have successfully encrypted all of your files, they will then provide you with details on how to regain access to your files (normally in the form of bitcoin currency). Average ransoms are $679 US dollars.
How to Prevent Malicious Attacks?
Should you ever pay the hackers – Never. A recent study conducted with over 150 IT professionals showed that only five per cent paid the ransom. Reasons being:
- There is no guarantee that cyber criminals will fully recover your data (in fact, like most criminals they renege on their promises of data decryption)
- It’s often a laborious and timely process to decrypt the files
- Once you’ve been hit with ransomware once, you’re a target. One encryption does not prevent you from being attacked again
Therefore, the only way to prevent attacks is by having a comprehensive and reliable backup and recovery solution in place. There are millions of ransomware threats being developed every day. Rather than trying to find solutions that will combat ransomware, have a rigorous data protection plan in place – one that includes regular back up of all files (whether they be stored in the cloud or with traditional backup). Therefore if you were to ever be hit by ransomware, regular backup means easy recovery, faster RTO’s and RPO’s and business continuity.
Three Reasons Why Your 2017 Strategy Needs to Change:
- 2016 was a very successful year for ransomware. Attacks and threats increased, and trends have shown that attacks are becoming more targeted towards businesses as opposed to individual users because the criminals know that more money lies in business.
- Cyber criminals are becoming more sophisticated and their delivery and evasion tactics are becoming more advanced to make them more profitable. They’re spending their profits to develop new malware that is resistant to security defenses and decryption software.
- Ransomware attacks are growing, multiplying and infecting more organizations. No security solutions will be 100 per cent effective against all threats. So rather than overinvesting in new security, antivirus and endpoint protection solutions, invest more time in training your staff as the entry point of the majority of attacks are still due to individual users endpoint devices.
Ready to Learn How Asigra Can Help You Combat Ransomware?