Ransomware is malicious software designed to infect your computer, and once it has done so, you will receive demands, often in the form of messages displayed on your computer threatening to publish private data or promising you access to your computer and systems in exchange for a fee. There are two main types of ransomware: crypto-ransomware and locker ransomware.
In 2020, we have seen an increase in ransomware attacks, with hackers targeting municipal governments, universities and private businesses, which has resulted in the loss of more than £120 million. Often these hackers threaten to make the stolen data public1, use the data to attack victims’ clients and/or disrupt business operations.
The most popular ransomware examples are Locky, Wannacry, Ryuk, CryptoLocker and Petya. They have explored software vulnerabilities, insecure websites, restoring options and more. The vast majority of ransomware attacks happen via email. These emails often appear to be legitimate and invite you to click links or download an attachment, and once clicked or downloaded, malicious software will infiltrate your device.
Crypto-malware attackers continue to use topical events to lure users into downloading a ransomware payload. COVID-19 is no different. Attempts to stay safe during the pandemic have been exploited to encrypt files on their devices. These attacks have even been carried out on hospitals.
In recent years, ransomware gangs have started working together, exchanging tactics and information2. By working as a team, hackers using ransomware can conduct more coordinated and evasive attack campaigns.
Data backups have helped organisations avoid a number of ransomware attacks over the past few years3. By backing up their data, victims were able to object to the attackers’ demands and recover their data without having to settle a ransom.
It is advisable to create offline backups that are kept separate from your network and systems, or in a cloud service designed for this purpose, as ransomware actively targets backups to increase the probability of payment. However, having your data backed up will not prevent attackers from using the stolen data to blackmail you. In fact, as a form of punishment for not meeting the attackers’ demands, hackers will often publish/ leak sensitive data4.
There are several ways you can reduce the probability of being infected by a ransomware attack, for example:
The measures you can take to protect your data from attackers depends on the type of device you are using and its operating system. In general, organisations should:
If you have fallen victim to an attack, make sure you:
Since cyber-criminals are growing in experience and developing new ways to infiltrate systems and devices, it can be difficult to completely protect your organisation against ransomware without specialist support. You can put up a strong defence by adopting a full-spectrum security approach, including risk assessments, analysis and testing. This way you can reduce the likelihood of a ransomware attack and/or decrease its effects. To find out more about cyber security and how we can assist your business, please contact Blue Frontier.