Written by: Jay H.
What Is Ransomware?
Cybercriminals use several measures to exploit people for money, and ransomware is one of them. Ransomware is a form of malware that denies users access to their files through encryption until the attacker receives ransom payment. Once the user pays the ransom, there is no guarantee that the victim will recover their files. Hackers usually demand Bitcoin, an untraceable online currency. Learn more about what ransomware is and how to prevent it from devastating your organization.
Forms Of Ransomware
Cybercriminals use numerous measures to access a computer using ransomware. A standard method is phishing spam—email attachments disguised as a trustworthy file sent to the victim. Once the victim downloads the file and opens the attachment, the malware gains access to the user’s computer and can even receive administrative access. From there, the malware can easily encrypt the victim’s files, denying the victim access without a mathematical key known only by the aggressor. Afterward, the attacker lets the victim know they can only regain access to their files if they pay a ransom.
Rarely, the attacker may claim to be a part of a law enforcement agency, claiming that the victim has pirated data or pornography on his computer and demanding a “fine” to keep the computer from getting shut down. Another form of ransomware is leakware or doxware, where the perpetrator threatens to publicize sensitive data the victim doesn’t pay the ransom. However, these ransomware forms are less common, as locating this data is much more difficult for attackers.
How To Prevent Ransomware Attacks
You can help prevent ransomware from gaining access to your computer. Following these guidelines will help improve your defences and are the right general security measures to take:
- Patch and keep your operating system up-to-date to minimize vulnerabilities.
- Don’t download files from unknown sources. Also, don’t give software administrative privileges unless you know exactly what it is and what it does.
- Install antivirus software to detect malware. For home users, we recommend Malwarebytes. For business users, we recommend Webroot and Bitdefender.
- Install whitelisting software to ensure applications cannot execute themselves.
- Back up your files frequently and store them offline. Should malware attack, the damage dealt will be much less significant.
Should I Pay The Ransom?
If you fall victim to ransomware, you may ask yourself—should I pay the ransom?
Although urged by law enforcement not to, many companies do end up paying the ransom. Some even budget for possible ransomware attacks. Why is this?
Many of the organizations targeted are healthcare and financial sectors, which are particularly sensitive to ransomware attacks. These organizations need access to their data urgently and are generally willing to pay the ransom to regain access. Also, the perpetrators tend to make the ransom prices relatively low, so it is worth it for the organization to pay the ransom instead of paying a third party to regain computer access or rebuild the lost data.
That said, it ultimately falls on you to decide. You are dealing with criminals, and most people would prefer not to give money out to their attackers. Furthermore, sometimes the attackers’ claims are false, and they actually have not encrypted your data at all—this is called scareware. Also, there is no guarantee the attackers will actually restore your data should you pay the ransom; however, usually, this isn’t the case. Otherwise, ransomware would quickly earn a reputation, and no one would pay the criminals.
In conclusion, be sure to be proactive and strengthen your defences using the preventative methods provided in this article. Attackers are constantly looking for their next victims to extort—make yourself less likely to be their latest. Consult security experts to create a strategy to protect your business from attackers.
To learn more about cybersecurity threats, click here.
Comments are closed.