The reality is that Ransomware attacks are increasing and the threat is constantly evolving. It first hit the headlines in 2017 and has crippled businesses and organisations in Australia, Europe and United States.
Ransomware is a type of malware that blocks access to a computer or its data and demands money to release it. Payment is often required in the form of an online currency such as Bitcoin which makes tracking criminals difficult or impossible.
Ransomware is spread via spam often arriving in an unsolicited phishing email or an attachment. Phishing attacks use emails disguised to look like they’re from someone you know. These emails will ask you to click on a link, download an attachment, or perform a routine task like updating records or account details.
When an unsuspected victim opens and clicks a link or download something from these spam emails, the ‘worm’ or malware downloads and infects their computer. It locks the system and encrypt the files. A digital key is needed to unlock the files. If victims don’t have a recent back-up of the files they must either pay the ransom or face losing all of their files.
Ransomware can also infect a system using vulnerabilities in a computer’s browser or via malicious code hidden in online ads, an attack vector called ‘malvertising’.
The most notorious type of Ransomware that is currently active are Locky, Cerber, WannaCrypt and CryptXXX. However, new variants are constantly appearing. Windows-based systems are the most common targets. But some variants, like Lockscreen, target mobile operating systems particularly Android.
The evolving nature of the threat makes Ransomware very difficult to counter.
Ransomware can affect businesses of all types and sizes. Attackers shift their focus on more lucrative commercial targets including large corporations and government agencies due to their high-value data.
Small to medium business (SMBs) are also targets since they are vulnerable with their limited IT resources. They are also more likely to pay the ransom in the hope they’ll get access to their data again, though this is not always the case.
The leading cause of ransomware infections is a lack of awareness and cybersecurity training which is common especially in SMBs. Small businesses typically don’t have the technical or financial resources to counter the threat. All it takes is one unsuspecting employee clicking on a link in a phishing email to unleash a ransomware infection.
Protecting your data can be as simple as educating your users, updating your systems and backing up your data
Train your staff to look for anything that seems suspicious or doesn’t seem right. This could be an email or social media message from strangers or any message with strange URL or files attached with an unusual file extension.
Get more insights about Ransomware by downloading this FREE eBook from our friends at Integrate IT below.