Ransomware - What you need to know

Posted by Ragnar Sigurdsson
Find me on:

icon-ransomware-1You hear about it all the time, from your tech people to the evening news. Ransomware seems to be everywhere and it seems like there’s a new and nastier version every day. 

The truth is that ransomware is very popular with criminals and it can be very difficult to beat once you’re infected. 

It is possible to prevent ransomware from getting onto your network in the first place and perhaps reset your system if you do get infected.

 

What is ransomware?

ransomware

As a concept, ransomware is fairly simple. A criminal uses a piece of email that prompts someone to open a link or download an attachment. The malware that is at that link or on the attachment contains instructions to encrypt the entire network. As the malware crawls over the network, it locks down all of the files, the software - everything.

A message appears on all of the infected screens that tells the owner to call a number or send money to an account number. In exchange, the criminals will send or apply an encryption key that will release the data.

The encryption system that they use is nearly unbreakable, being the same level of encryption that most banks and military installations use.

 

Why is ransomware so popular?

One reason that ransomware has become so popular is that there are automated ransomware designers on the dark web. Anyone can go to one of these designers-as-a-service and create ransomware that they then deploy to the world.

Another reason that ransomware is so popular is that it gets cash for the criminal. Once you’ve paid the ransom, they might release your computers. You have no guarantee - and they've gotten away with your cash.

As much fun as simply destroying things is, the bad guys like getting money even more. There are even some indications that the money is being used for terrorism and drug cartels.

 

Avoiding ransomware

Over 90% of ransomware ends up in your network via email. It can be business email accounts or personal email accounts. Once someone has accessed that email and either downloaded an attachment or clicked a link, you’ve got ransomware in your network.

There are a number of steps that you can follow to prevent ransomware from ever making it onto your network:

1) Education

Most importantly, educate your people to never download anything unless they are 100% positive that they know where the email came from. They should never open unsolicited emails or follow instructions in an email that seems out of place.

2) Next Generation Anti-Virus

Use a “next generation” antivirus program. Most anti-virus programs wait for an update to protect you from a new threat. Those downloads need to be prompted by the company that made the software. With next-gen antivirus, the system updates itself by tracking activity around the world 24/7 as well as actively scanning your network all the time instead, rather than being activated by a user or the clock. Most next-gen antivirus programs are cloud-based so any program updates can be handled instantly by the provider.

3) Regular and Consistent Backups

Make sure you backup at regular intervals. While most people know that they should back up their systems, few individuals and small businesses actually do. Larger businesses have begun to catch on. If you have a backup of your system that is current enough, your tech people can scrub your system and restore you to just a couple of hours before the attack.

4) 24/7 Monitoring

Get constant monitoring. Hiring an outside firm or creating an in-house team to monitor your network 24 hours a day can make a huge difference. They will be able to spot an attack, often before anyone else notices, enabling them to stop it before it spreads too far. This type of monitoring is especially effective against brute force attacks, where a hacker attempts to enter your system from the outside.

 

What to do when you are held to ransom

If your system is infected, you’ll usually see the ransom message appear on first one screen, then another. The good new is that, if you are lucky, there might be a way to recover your files without paying the ransom. 

Worst case scenario: you need a technology team to reset your computers and network.

 

The most important point

This is the most important point of them all:  with proper training, your company can avoid 90% or more malware attacks. That is why security awareness training is crucial for your business!

 

Your employee security awareness training should include:

Building awareness of the different types of scams out there: phishing, whaling, spear phishing, and more. With frequent news of cyber security breaches and hacks, one would be forgiven for thinking that people would know what is out there. But generally they don't. And with businesses having security software and various technical precautions people may think they are pretty safe. But a lot of security breaches are because of human mistakes that security software can't do anything about. Furthermore, security breaches in businesses often originate with the hacker gaining access to employee's private accounts, and from there getting into the business network. Therefore, effective cyber security awareness training of your employees cannot be underestimated.

Know what to do in case of an attack. Computers and networks that are turned off don’t spread infection. You’ll want to listen to your own security staff, but for the most part, turning everything off is the first step once you discover you've been hacked.

Train your staff on the importance of email and social media policies. The policies that are put in place are designed to protect not only their devices but the company’s network overall. Make sure they are clear on what to do and what not to do.

 

Ransomware and the 21st century

The idea that anyone with internet access and the ability to get to the dark web can create a ransomware program means that it’s likely that this type of activity won’t stop any time soon. With proactive efforts by your company, you can save yourself a lot of pain and hassle.

Ongoing education, next-generation antivirus protection, and a cloud-based email programs are a significant leap forward in protecting your business. And, once again, education, education, education!

 

Get your copy of The Essential Cyber Security Awareness Checklist! DOWNLOAD NOW!

 

Topics: awareness training, ransomware, GDPR, awareness month