Ransomware is a type of malware that encrypts a victim’s files, making them unusable, and they must be paid to decrypt them. It’s a growing threat to individuals and businesses alike, so it’s essential to understand how it works and what you can do to protect yourself.
History of Ransomware
Ransomware has been around for many years, but it has only become a major problem recently. Early examples of ransomware date back to the late 1990s, but they were relatively rare and not particularly effective. In 2005, a more sophisticated type of ransomware called GPCode appeared, which used strong encryption and demanded a ransom be paid to decrypt the victim’s files. This set the stage for the modern ransomware that people know today.
The first widely publicized ransomware attack occurred in 2013 with the release of Cryptolocker. This malware encrypted victims’ files and demanded a ransom be paid in bitcoins to decrypt them. While Cryptolocker was eventually shut down by law enforcement, it spawned a whole new generation of ransomware that has since become a major problem.
How Does Ransomware Work?
Ransomware is typically spread through phishing emails or unknowingly visiting an infected website. Once your computer is infected, the ransomware will scan your hard drive for specific file types (typically documents, photos, videos, etc.) and encrypt them.
Once the files are encrypted, you’ll see a message demanding that you pay a ransom (usually in Bitcoin) to decrypt the files. While some ransomware will give you a deadline to pay the ransom, others will simply lock you out of your computer until you pay up.
In either case, it’s important not to give in to the demands as there’s no guarantee that you’ll receive the decryption key even if you pay the ransom. There have been instances where victims have paid the ransom only to find that their files were still encrypted. The average cost of a ransomware attack is around a million dollars, making it devastating for any business affected by it.
Four Ways You Can Protect Your Business
Thankfully, a ransomware attack is highly preventable. Here are some of your options.
Penetration Testing
One of the best ways to determine if your business is vulnerable to ransomware (or any other cyber attack) is to have a penetration test. This is where an ethical hacker attempts to break into your systems using an automated penetration testing tool to find any vulnerabilities that could be exploited. Once the vulnerabilities are found, they can be fixed before a real attacker has a chance to exploit them.
This is a great option if you have a website with a login form, as it will test to see if a hacker can gain access to sensitive data such as customer credit card information.
Backups
Regular backups are one of the most important things you can do to protect your business from ransomware (or any other type of data loss). That way, even if your systems are attacked, and your data is encrypted, you’ll still have a copy that you can restore.
There are local and cloud-based backups. Local backups are stored on an external hard drive, or another type of storage device kept at your office, while cloud-based backups are stored off-site (usually in the cloud). Both have their advantages and disadvantages, so it’s up to you to decide which one is best for your business.
Employee Training
One of the most common ways that ransomware is spread is through phishing emails. These emails look like they’re from a legitimate source but are actually from a hacker trying to get you to click on a malicious link or attachment.
That’s why it’s important to train your employees to spot phishing emails. You can send out simulated phishing emails and see who falls for them. Those who do can then be given additional training on how to spot these types of emails.
Web Filtering
Another way to prevent ransomware (and other types of malware) from getting onto your systems is to use web filtering. This type of software blocks access to websites known to be malicious. It can also block specific types of files from being downloaded, such as executables (.exe files) which are often used to spread malware.
Ransomware is a severe threat to both individuals and businesses alike. Understanding how it works and taking steps to protect yourself can lessen your chances of becoming a victim. The more you prevent it from happening, the more money you can save in the coming years.
Photo by Michael Geiger on Unsplash