4. What Is Ransomware?
Before we get into what you can do to prepare for the
inevitable, let’s clarify what ransomware actually is and how it
works. Ransomware is malware that holds your data hostage
and demands payment for its release. It typically infiltrates a
system with a phishing email or website infection and exploits
an existing endpoint vulnerability.
Ransomware then establishes a foothold, expands to other
endpoints, and moves to discover, collect, stage and encrypt
target data. Once the damage is done, it covers its tracks and
exfiltrates data for use or sale on the dark web. Ransomware is
unique because once it is in your environment, there are very
few remedies available — all recourse is costly and business
interruption is inevitable.
5. What’s malware?
The National Cyber Security Centre states: “Malicious software, also
software or web content that can harm your organisation, such as the
outbreak. The most well-known form of malware is viruses, which are
infect legitimate software.”
•Never pay the ransom demands. There is no guarantee that data or
access to systems will be restored and victims who paid may be re-
targeted.
•Always install the latest software and app updates on all devices, and
use ant-virus software wherever possible.
•Beware of the warning signs of phishing and whaling. Do not open
attachments or click on links within any unsolicited emails you receive.
•Back up your data and keep it stored in a secure network.
6.
7. Why is ransomware spreading?
Ransomware attacks and their variants are rapidly evolving to counter
preventive technologies for several reasons:
•Easy availability of malware kits that can be used to create new malware
samples on demand
•Use of known good generic interpreters to create cross-platform
ransomware (for example, Ransom32 uses Node.js with a JavaScript
payload)
•Use of new techniques, such as encrypting the complete disk instead of
selected files
Today’s thieves don’t even have to be tech savvy. Ransomware
marketplaces have sprouted up online, offering malware strains for any
would-be cybercrook and generating extra profit for the malware authors,
who often ask for a cut in the ransom proceeds.
8.
9.
10. How to Protect Your Business From Ransomware
The good news is that many flaws exploited in
ransomware attacks are known vulnerabilities. This
means that organizations have the opportunity to
prevent most ransomware from being successful
before an attack is ever launched.
It is important to prepare your defense so you can
respond quickly and effectively during an attack, and
remediate and restore where necessary after an
attack. The first and most cost-effective remedy is
prevention.