You've logged on to your work computer. Your files are inaccessible and being held ransom by a hacker who's demanding payment. This is every business's worst nightmare; it's ransomware.
Ransomware is a type of malware that holds your files hostage in exchange for a 'release' payment. Since 2015, average ransom demands have ballooned from US$294 (approx. £200) to US$1, 077 - almost £800 - and that figure is growing. Security professionals now consider ransomware to be the top cyber threat affecting businesses and organisations, which means that you can't afford to ignore it.
So, where does ransomware come from and how do cyber criminals get it into your network?
How ransomware works
Criminals deliver ransomware in different ways. Usually, it’s via links in malicious emails that trigger the automatic download of malware. This malware then takes advantage of vulnerabilities hidden in your software.
Kaspersky’s recent security bulletin states that vulnerabilities in internet browsers were the cause of 42.6 percent of malware infections, which include ransomware. Other cyberattacks exploited common software, such as Adobe Flash Player and Microsoft Office.
Once you download ransomware, depending on what type of ransomware it is, it can either lock your computer screen or encrypt your files using cryptographic keys.
Don't pay the criminals
The criminal behind the attack will then demand payment before they either unlock your screen or give you the private cryptographic key so that you can un-encrypt your files. Of course, paying the ransom is not a guarantee. Some criminals will take your money and leave you with nothing.
The bottom line: ransomware is dangerous for both you and your business. A company is hit with ransomware every 40 seconds.
Fortunately, there are simple ways to protect your business from these attacks.
Ask yourself these questions
- Do you back up your data regularly? There are many different ways to guarantee that your data is accessible in the case of an emergency. For example, back up your information on an online service or data centre, such as Dropbox Business.
- Is your firewall turned on? You don't want anything creeping in unnoticed.
- Do you use trustworthy antivirus programmes? For the safety of your business, spend more money on effective antivirus programmes, rather than gambling with the risks that come with free software.
- Have you installed ad-blocking software? This will reduce the likelihood of suffering a drive-by infection from malvertising.
- Are you and your employees cautious? Malware is always adapting. For instance, some pop ups can look credible, but if they set off alarm bells you should close your browser. If you want to check a source, anti-virus heroes ESET regularly update their website with detailed information about the changing threat landscape. You should also look into cybersecurity training for your team.
- Are you able to filter spam out of your inboxes? Some spam emails can look professional and are written well. But, ask yourself these questions: did I subscribe to these email updates? Do the links within the email look credible? Oftentimes, common sense is all you need to figure out the fake from the legitimate.
If ransomware does get into your network, it's not the end of the world. Try to stay calm, focus and do not pay the criminals. There’s no guarantee that you will get your files back.
The safest thing you can do is shut down all the devices in your network and run a full security scan. Providing you have all of your information available elsewhere, you always have the option to wipe your devices clean and reinstall your data. If you require further assistance, act appropriately and refer to specialist IT support.
Note: this post was originally published on 21 September 2016. It has since been updated.