Ransomware is on the rise as a recent report found that the cost of attacks to businesses grew from $3.8 million in 2015 to an astounding $638 million in 2016. As the attack landscape continues to evolve and become more common, organizations of all sizes need to understand the severity of ransomware and what defenses to use to protect against today’s advanced threats.
Our friends at Sophos shared security insights and tips to fight against ransomware:
What is Ransomware?
Ransomware is a general term used to describe any malicious software – also called malware - which can be used to infect a computer system and block access to that system until a sum of money has been paid by the system’s owner. Essentially, ransomware is software used to take your computer hostage. This is accomplished by scrambling (or encrypting) all of the data on your computer or its connected drives, making everything unreadable. Once the perpetrator of the attack has encrypted your files, they will not give you the encryption key to unlock your files until the ransom has been paid.
After ransomware has infected your computer, the attacker usually displays a message like the one pictured below:
According to the FBI, incidents of these types of attacks against businesses are on the rise, in part because they usually result in bigger pay-outs. However, whether ransomware is used to target an individual or a business, the results can be devastating. A business could lose access to all of its sensitive and proprietary information, resulting in massive losses to both their finances and their reputation, and individuals could lose access to irreplaceable items, like family photos, videos and other data.
Why should it concern you?
Due to its anonymous nature, cyber-crime is generally considered low-risk to the criminal, and ransomware is certainly no exception to the rule. A skilled attacker can hide themselves behind numerous layers of false data, making it very difficult to physically track them down. Combine this anonymity with the fact that many attackers reside outside of the country in which their target is located, and they become virtually untouchable.
As if the fact that an attacker could be anonymous weren’t bad enough, because the source code for many types of ransomware are made publicly available on the web, an attacker implementing ransomware can also be relatively low-skilled. It’s easy to use, it’s low-risk and it offers potential for huge payouts, making it increasingly popular among criminal organizations.
Ransomware attacks are commonly delivered using the following methods:
- Phishing emails: the attacker sends you an email containing either an attachment with a malicious package hidden inside it or a link to a website that downloads malicious content onto your machine.
- Malicious websites: Attackers frequently embed their code into the content of webpages containing illicit or illegal material. They do this because they know that their victims will not take the issue to a professional or law enforcement due to the nature of the content being viewed at the time their device was infected.
- Unpatched software: The most recent – and alarming – method used by attackers to get ransomware onto your system, is where they embed their malicious code within legitimate websites and take advantage of users who access these sites while using unpatched software. This means that you don’t have to click on a link or download content for an attacker to get malware onto your device. You can infect your computer by simply visiting a site without using up-to-date software or firmware.
How to avoid it or lessen its effects:
Once it's on your machine, ransomware can be extremely difficult - if not impossible - to remove without the encryption key. This means that if your computer has been infected, it's usually already too late to do anything about it. You'll have to either pay up or say goodbye to the infected files altogether. If you experience an attack like this at work, consult your IT department immediately.
Having a reactive strategy to this type of attack is not an option. The only truly effective defense against ransomware is prevention. You need to take necessary precautions to ensure that you are not engaging in activities which put you at risk.
Here are some tips on how to avoid falling victim to a ransomware attack:
- Backups backups backups! Backup all of your important files onto an USB or external drive on a regular basis.
- Never click on, download or open anything in an email from an unknown or untrusted source. Especially if the email is in your spam folder.
- Don’t visit sites containing illicit or illegal content.
- Make sure that you are running the most recent versions of common browser software and firmware, like: Flash, Java, and Adobe Reader.
- Use good internet security software. A good internet security software may be able to block ransomware before it fully affects your computer. If you don't already have one, Sophos Home is an excellent free option.
In order to be effective against today’s advanced threats, organizations must take a proactive approach to protect themselves against cyber criminals. Implementing an effective security awareness training program along with installing multiple layers of cybersecurity protection will help detect scams and fight off threats from infecting your network.
At Xigent Solutions, we have a sustained focus on educating and training our employees to be aware of cyber threats and how to avoid them and we’ve implemented advanced security measures to keep ransomware from harming our business so that we can deliver the highest level of security for our customers.