How ransomware works ?
Ransomware can access a system via phishing scam emails, malicious files or USB sticks. Once files are accessed and opened the malware within will activate and will start encrypting files on the infected device. A message will then appear on the screen, informing the victim that their files can only be decrypted if a ransom is paid. Payments are usually requested in Bitcoin, a crypto currency that is difficult to trace.
Failure to pay the ransom within a time frame set can result in serious consequences, encrypted files may be deleted, an increased ransom amount to be paid or shutting down computer systems. The files cannot be decrypted without a mathematical password only known by the attacker.
Who is a target for ransomware?
Your vulnerability to a ransomware attack can depend upon how attractive your data and files are to the attackers and how vulnerable security systems are in your business.
Factors include, how likely organisations will pay ransom. Attackers believe some organisations are more likely to pay ransom, such as the Government and medical agencies are most likely to pay due to needing immediate access to files and not wanting to publicise that their files have been compromised. Businesses are also targets, they are likely to respond immediately. They can’t run without the data files.
How to prevent Ransomware
- Keep your software patched up and up to date to prevent fewer vulnerabilities for criminals to exploit. Enable automatic updates wherever possible.
- Look at internal network pen-testing, it will help confirm
- Backup files frequently, having a regular data backup will minimise the damage caused by a ransom attack as you will be able to get your files restored without having to pay the ransom
- Install antivirus software that can detect malware and notify you as soon as it enters the system
- Staff training about phishing and the danger of USB sticks, or disable them.
- Avoid installing software and giving it administrative roles unless it is a trusted source and you know exactly what the software does