Ransomware is a type of malicious software attack that encrypts files or systems on your computer or network and blocks user access to those files or systems. The attackers then demand a ransom to restore access to data. Phishing emails and unknowing visits to unsecured and infected websites are some of the probable ways of getting infected with this malware. It is one of the most harrowing and expensive cybercrime out there, and its threat level is on the rise.
Ransomware is not to be ignored
Ransomware penetrates the system in many ways, with the most common being a download via spam email attachment. Other avenues of attack include social engineering, downloads of the malicious software from the web, clicking on “malvertising,” fake ads, drive-by-download attacks, and social media messaging.
Once the malware enters the system, it encrypts the files and makes it inaccessible for the user until the victim pays the ransom in exchange for the decryption key. According to city officials of Las Vegas, the city faces an average of 279,000 attempts to breach its systems every month.
According to a New York Times report, 205,280 organizations submitted files that had been infected by a ransomware attack in 2019—41 percent more than 2018. The report also stated that the average ransom paid to release access to the hostage files went up to to $84,116 in the last quarter of 2019, which was more than double than what was recorded in the previous quarter. In the last month of 2019, the average payment released skyrocketed to $190,946. Some organizations are even facing ransom demands in the millions.
How to respond to a ransomware
Once your system is infected, there are not many options to go forward with. You can either hope to use your cloud-based backup to restore your systems or pay the ransom amount and pray that the decryption key you receive in return works.
The US Federal Government does not advise paying ransomware demands. According to FBI Cyber Division Assistant Director James Trainor,
“Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cybercriminals to target more organizations, but it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”
The US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has shared a list of things to follow in case your system is infected.
- You need to isolate the infected system entirely and make sure it is disconnected from all the networked drives, be them wired or wireless.
- You should power off and segregate the infected computer and all the other devices that shared the network with the infected system.
- Next, you need to secure your backup and make sure it’s offline. Scanning the entire backup for signs of infection using a robust antivirus program will be a good idea.
- Report to your local authorities dealing with cybercrime. They will help you deal with the situation and can also help recover some partially encrypted files.
How to prevent a ransomware attack
To protect against these attacks, individuals and business can following steps:
- Backup your data on an external hard drive or any other device that cannot be accessed via a network. This exercise will not stop the attack from happening, but it will help you restore your system.
- Invest in a good protection software like the ransomware protection software by Carbon Black, which can detect malicious programs like ransomware.
- Make sure all your applications and operating systems are updated with the latest updates.
- Think before you click. If you receive an email with the attachments from an unknown source, don’t open as these might contain executables which can be ransomware or a virus. Also, avoid visiting unverified and unsecured websites.
- Train Your Employees and Educate Yourself: It is good to be updated about the recent trends in cybersecurity. Companies and individuals often fall victim to ransomware due to a lack of training and awareness.
Show me the money!
According to a Wired report, in 2019, the direct damage from ransomware attacks exceeded $12 billion, and the actual ransom money paid was higher than $5 billion (£3.7bn). With rising ransomware attacks, individuals and organizations need to stop being complacent. It’s high time to invest in strong ransomware protection software that can protect against new and emerging ransomware threats.