What is Ransomware?
Ransomware is a crime that can make a victim out of any business, of any size, in any industry. It is malicious and can attack the most unsuspecting of people. So what exactly is ransomware? Ransomware is a type of malware that attacks a device and encrypts files, preventing a victim from accessing his or her data files. Files will be encrypted until a given amount of money is paid to get a decryption key for the encrypted files. When faced with this threat, cybercriminals will demand a large sum of money in the form of cryptocurrency, or gift cards, up to around $3,000.
Ransomware has become a large threat to U.S. businesses in the past few years. This is because it can be targeted to any device, spread to other devices connected to the same network, and can happen anywhere. Most encounters are attempted ransomware through attachments in email links, sites that have been compromised, or infected software or external storage devices.
Ransomware on the Rise
Amidst the global COVID-19 pandemic, ransomware has become extremely abundant, and likely more successful. Cybercriminals have capitalized on targeting employees who now work from home on their own devices. They’ve become successful because many cybercriminals are posing as having information about the pandemic in emails, guiding people to click malicious links. With four out of ten COVID-19 themed emails being spam, it is easy for them to blend in. Within the first few months of the pandemic, or the first half of 2020, global ransomware reports increased by 715% year-over-year, according to the latest Threat Landscape Report 2020 by Bitdefender.
What Can Your Organization Do to Prevent Ransomware?
It can be scary to think about your organization being hit with a ransomware attack. Luckily, there are measures you can take to help prevent it from happening to you. Here are some things your organization should consider:
Use antivirus, antispam, and antimalware software. Malware can run through a system undetected.Keep all software and systems patched and updated. This can help prevent faulty, penetrable systems.
Don’t open attachments or links in suspicious emails. You can attempt to verify the link by hovering over it and seeing where it takes you. Check the email for grammatical errors and if it is in the usual tone of the sender, if you know them.
Remove add-ons or plugins from your browser that aren’t necessary. For the ones you need, make sure they are updated.
Regularly backup data that is important. By backing up data, there is no need to pay the attacker or worry about losing files.
Educate. Provide training to employees and let friends and family know about the dangers of ransomware. Become knowledgeable on types of ransomware and statistics.
Have a response and reporting plan. Include what you should do when you find out about an attack and how you are going to recover. Also consider how and where to report the attack.
Best Practices When Responding to an Attack
- Determine and disconnect the infected device.
- Determine if a decryptor is available. There are resources that can decrypt your data for you.
- Restore files from regular backups.
- Report the attack to the Internet Crime Complaint Center (IC3).
- Do not pay the ransom. There is no guarantee the cybercriminals will give you a decryptor key.
All in all, there are a lot of precautions an organization can take to avoid ransomware. But being informed and having good security isn’t enough. Everyone needs to regularly be checking their devices as well as staying vigilant to threats. Heavily educating employees and regularly backing up important documents will mitigate the damage a ransomware attack can have.
If you need extra assistance with your online security, fill out a form below so we can get in contact with you. Stay safe!