BY Richard G., CO-FOUNDER @ CONTEXTUAL SECURITY SOLUTIONS
Perhaps you have received a malicious unsolicited email, or you are experiencing annoying pop-ups on your computer or network. If so, it’s possible that you have become the victim of ransomware. Ransomware is a type of malware that prevents users from accessing their system or personal files and demands a ransom payment in order to regain access. Although it was originally designed to target individual people, cybercriminals found it to be such a success that they began targeting businesses as well. As one might imagine, this could lead to numerous problems including loss of pertinent information, legal fees, financial loss, and the need to purchase additional monitoring software.
Ways Ransomware Works
There are several different ways ransomware can infect a computer and one of the most common delivery systems is through emails, in which the user clicks on a suspicious link or through spam emails that are disguised as files the user should trust. Once they are downloaded, they can take over the victim’s computer. Other types of malware include Crypto malware that can encrypt files, folders, and hard-drives or Lockers which can completely lock the victim out of their device, making it impossible for them to access their files. Ransomware can also infiltrate mobile devices and are delivered through a malicious app, which results in a message on the victim’s device stating that they have been locked out due to illegal activity.
Who is a Target? Is it you?
Ransomware can spread across the internet aimlessly, but cyber criminals also have the ability to choose their specific targets. This enables them to go after those who are more likely to pay larger ransoms. For example, organizations that have smaller security teams, such as colleges and universities, may be impacted more than groups with highly sophisticated security systems. Cyber criminals also target organizations that require immediate access to their files such as banks, medical facilities, and government agencies because these groups may be willing to pay to quickly regain access to their systems. They also target organizations that hold sensitive information such as law firms because they may be willing to pay to keep news quiet. In such instances, the FBI may consider the ransomware to be a form of extortion if the ransom amount is extremely high.
Steps to Protect Yourself from Ransomware
Security experts agree that the best way to protect yourself from ransomware is to take the right measures to prevent it from happening. There are a number of things you can do that will improve your defense from a number of different attacks.
- Keep your operating system up-to-date and patched to ensure you have fewer vulnerabilities
- Never install software or allow for administrative privileges unless you know exactly what the software is and how it works.
- Create secure backups for your data on a regular basis using a cloud storage with a high-level security encryption.
- Invest in cybersecurity that is designed to protect against malware attacks.
- Use antivirus and anti-spam solutions and install programs that automatically scan your computer.
- Disable macros scripts and consider an alternative software such as Office Viewer to open Microsoft Office files transmitted through email.
- Restrict internet access and implement ad-blocking software. Specifically restrict access to common malware entry points such as personal email accounts and social networking sites.
- Remind employees to close their browsers when not in use and to never click on suspicious links or open attachments contained in suspicious emails.
- Stay informed by educating yourself and your employees about the dangers of ransomware and how to detect suspicious websites, emails, and other scams.
Immediate Steps to Take if You Are Attacked
If you find yourself the victim of ransomware, the number one rule is to never pay the ransom. This advice is endorsed by the FBI and is recommended to help stop these attacks from occurring. You can try to retrieve some of the encrypted files by using a decryptor. However, this is not always successful, given that ransomware utilizes highly advanced and sophisticated encryption algorithms. The wrong decryption script could further encrypt your files so you should work with a security specialist before trying any solutions yourself.
You can also deal with a ransomware infection by downloading a security product for remediation and running a scan to remove the threat. You may not be able to retrieve all of your files, but your system should be cleaned up and back in order. If possible, you can restore files from regularly maintained backups.
If you suspect you have been attacked by some form of malware, immediately disconnect the system from the network. Report the infection to the local FBI field offices and the Internet Crime Complaint Center https://www.ic3.gov/ransomware.aspx.
Your business is important and that’s why it’s recommended to work with a trusted cyber security partner like Contextual Security. We offer a personal, customized plan to help your business navigate cyber threats and we are committed to helping you develop a plan that fits your needs and budget. To learn more about our services, check us out at www.contextualsecurity.com or call and speak with one of our knowledgeable representatives 844-526-6732. You can also email us with any questions at inf[email protected].