Article

Ransomware: The new business nightmare

Posted by Brian Danzinger on Sep 20, 2017 17:00:00 PM

Topic: ALL

Ransomeware_1500px

You log onto your computer and attempt to access some documents in a client folder. However, instead of the file opening normally, a frightening screen pops up warning you that your files have been locked and made inaccessible unless you pay a $3,000 ransom. And just like that, you may have become a victim to Ransomware.

What is Ransomware?

Ransomware is a type of malware virus that allows attackers to encrypt certain files or data, preventing users from accessing them. Only by paying a "ransom" will the attackers release the decryption key, allowing you to once again have full access to your files. Ransom instructions are then embedded as part of the infection and anonymous or hard to track service like BitCoin are then used to process payment. Similar to the crime of kidnapping, attackers leverage Ransomware to take something of value from you and will only release it once a payment is made.

Ransomware also targets a wide variety of data and file types, allowing attackers to restrict access to items of sentimental value like your music collection, vacation photos, and movie files or it can target business related data like client files, electronic legal documents and work projects. While losing personal videos from your last family trip can be disheartening, not having access to confidential client files can be an especially alarming scenario. That’s why attackers rely on one’s emotional attachment to – or need for – files to demand payment.

The Impact of Ransomware

Ransomware is on the rise, targeting both home/personal machines and business networks. According to a recent report by the FBI, 47% of businesses have been affected by Ransomware. More than half (59%) of the reported ransomware infections were delivered via email attachments and embedded URLs.1 Recent Ransomware viruses like the "WannaCry" and "Petya" had an estimated $1 billion dollar impact on business globally and spread to as many as 64 countries within the first few hours of release.2 The BBC reported that one of the victims of the recent Ransomware attack was South Korean firm Nayana, which paid an unprecedented $1 million dollar ransom to attackers in exchange for unlocking their infected machines.3 Ransomware is also targeting Mobile devices with Mobile Ransomware increasing by over 250 percent during the first few months of 2017, according to Kaspersky Security.2

How Ransomware works

Similar to other viruses and malware attacks, a user’s computer needs to be hit by an infected payload. Users may inadvertently download Ransomware from a spoofed or compromised website. Ransomware can also be delivered as an email attachment from either an infected contact or through a well-designed phishing email. Once Ransomware has impacted a user’s machine, certain files will be targeted for encryption and ransoming. In some scenarios, Ransomware can also be designed to lock the computer screen, preventing all access to the machine, only displaying instructions for how to make payment. Due to the level of encryption used by most Ransomware payloads, an attempt to bypass and circumvent the virus once installed is highly unlikely.

How to prevent Ransomware

Similar to other viruses and cyber attacks, the FBI has put together a list of best practices that users and organizations can take to help protect their data.

  • Make sure you have updated antivirus software on your computer.

  • Enable automated patches for your operating system and web browser.

  • Have strong passwords, and don’t use the same passwords for everything.

  • Use a pop-up blocker.

  • Only download software—especially free software—from sites you know and trust (malware can also come in downloadable games, file-sharing programs, and customized toolbars).

  • Don’t open attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an unsolicited e-mail, even if you think it looks safe. Instead, close out the e-mail and go to the organization’s website directly.

  • Use the same precautions on your mobile phone as you would on your computer when using the Internet.

  • To prevent the loss of essential files due to a ransomware infection, it’s recommended that individuals and businesses always conduct regular system back-ups and store the backed-up data offline.

 

Reference Links:

1Don’t Be a Ransomware Victim
2Ransomeware Attacks Rise 250 Percent in 2017, Hitting U.S. Hardest
3South Korean firm's 'record' ransom payment