You've got a virus. Your files are inaccessible and a hacker is demanding payment. It's every business' worst nightmare: it's ransomware.
This software holds your files hostage in exchange for a 'release' price. Average ransom demands are now upwards of $679 (£520), a figure that has more than doubled in the past six months. To make matters worse, organisations now consider it to be a top cyber threat for businesses, which means that your company cannot afford to ignore it.
So, where does ransomware come from and how do cyber criminals get it into your network?
Criminals can deliver ransomware in different ways. Usually, it’s via links in malicious emails that trigger the automatic download of malware. This malware then takes advantage of vulnerabilities hidden in your software.
Kaspersky’s recent security bulletin states that vulnerabilities in internet browsers are the cause of 62 percent of malware infections, which include ransomware. The other 38 percent of viruses exploit common software, such as Adobe Flash Player and Java.
Once you download ransomware, depending on what type of ransomware it is, it can either lock your computer screen or encrypt your files using cryptographic keys.
The criminal behind the attack will then demand payment before they either unlock your screen or give you the private cryptographic key so that you can un-encrypt your files. Of course, paying this ransom is not a guarantee. Some criminals will take your money and leave you with nothing.
The bottom line is, ransomware is dangerous for both you and your business. In the last year and a half, the service sector contracted 38 percent of organisational infections and this percentage is only rising.
Fortunately, there are simple ways to protect your business from these attacks.
If ransomware does get into your network, it's not the end of the world. Try to stay calm, focus and do not pay the criminals. There’s no guarantee that you will get your files back.
The safest thing you can do is shut down all the devices in your network and run a full security scan. Providing you have all of your information available elsewhere, you always have the option to wipe your devices clean and reinstall your data. If you require further assistance, act appropriately and refer to specialist IT support.