There’s been a lot of news about ransomware these days. Affected governments, administrations, and businesses have been extorted for millions of dollars to regain access to their data and systems – with varying levels of results. It can also happen on a much smaller, more individual level. Why is ransomware so common these days? How does ransomware spread? In this article, we’ll investigate.
Ransomware is a type of software that infects a computer or network and denies user access by locking them out or encrypting the data. The system and/or data remain inaccessible and under threat of deletion unless a ransom is paid. If the ransom is paid, generally using a cryptocurrency to prevent tracking, the system is unlocked. However, in some instances, ransoms have been paid and the data or system remains inaccessible.
Ransomware generally gets into computer systems by tricking a user into installing it themselves. This could occur by opening an infected file, program, or website page. Email and social media messaging services are popular vehicles for getting a user to open a file or run a program that unleashes the ransomware. Ransomware can also spread through the use of infected hardware such as USB drives. Attackers have also been found to use remote desktop applications which allow them to take over a computer or network and install the ransomware directly.
Because most cases of ransomware are initiated by the victim themselves, it’s important that computer users understand the importance of verifying the programs and files they open, the links they click on, and the websites that they visit.
Cybersecurity professionals warn that users should learn to identify phishing scams or, at the very least, verify any unsolicited links, files, and programs they receive before acting upon them.
Keeping operating systems up to date with the latest security updates and patches will go a long way towards denying system access to bad actors.
Antivirus software should be used to protect all computers and networks. It will also need to be continually updated to provide the highest and most up to date levels of security.
Computers should be restarted on a regular basis as this allows the system to reboot and patch up any vulnerabilities that may have become available.
Care should be taken when downloading files or programs. Use only trusted, reputable websites.
Backing up your files and storing them in a physically different location may not prevent being infected by ransomware, but it may allow you to continue using your data without having to submit to the ransom demands.
There are a number of different anti-ransomware programs that are available. They basically scan the system to find the ransomware and remove it. However, if your data has already been encrypted, this type of software is unlikely to be able to recover it. It’s for this reason that backups are so important.
Security agencies such as the FBI advise that you shouldn’t pay a ransom as it just encourages further attacks. In the case of what’s known as scareware, the attackers haven’t even encrypted any data, hoping the ransom will be paid before any serious investigation takes place. It’s also possible that paying the ransom won’t result in the retrieval of your data anyway. Sometimes even the attackers aren’t able to decrypt the information they’ve locked up. Very often they will take your money and disappear.
Find out how you can keep your business secure against cyber threats by partnering with MBC, get a free assessment today.