For several years now, ransomware attacks have been steadily increasing. Back in 2013, CryptoLocker hit the headlines as one of the first ransomware programs to be released. Until 2014, when its distribution networks were taken down, CryptoLocker wreaked havoc infecting countless personal and business computers. Since then, there have been many new ransomware infections, some of which use the CryptoLocker name, but are in fact different programs. In this post, we explain what ransomware is, the effect that it can have on your business and what you can do to protect yourself against the threat.
Ransomware is a form of malware. Malware is a general term for malicious software programs, commonly referred to as viruses, which are designed to enter our computers and other devices without our knowledge or permission, and with the intention of causing harm to our devices and the data that lives on them. There are many different types of malware and each has a different effect. Some, for example, may have been designed with the intention to compromise our data, whilst others will simply cause damage to our devices.
Ransomware is a form of malware that has the capacity to encrypt your files, without your knowledge, before demanding payment for their return. Very often, there is also a time limit imposed for the payment. It’s important to note that there’s no guarantee that your files will be decrypted once payment has been made.
As well as targeting files containing valuable personal or business data such as photos, spreadsheets and documents, ransomware programs can also have the ability to lock down system files as well, which could render applications, web browsers and even entire operating systems unusable. Although the original CryptoLocker infection targeted Windows, the current threat is not limited to PCs. Macs and mobile devices with the Android operating system installed are also at risk of ransomware infections.
The most common way that ransomware is spread is via infected Email attachments and links contained within Emails. Once an infected file has been opened, it is able to infect your system. It can be difficult to detect files that are infected as the malware is often concealed. The file extension may be changed and the malicious code is compressed into a zip file. Infection can also occur though installation of applications from untrusted or unknown publishers, as these may also contain ransomware. Once it has infected your system, ransomware works quietly in the background and connects to a remote server to encrypt files.
Once the ransomware has encrypted your files, you will receive a pop-up message demanding payment. The amount of money that is demanded using ransomware programs varies substantially, ranging from a few hundred to several thousands of pounds. It is common for payment to have to be made in an anonymous currency, such as Bitcoin. As previously mentioned, there is no guarantee that your files will be decrypted if you pay the ransom.
As you can probably imagine, ransomware can have very serious consequences for businesses. If you hold sensitive internal and customer information on your systems, and it is not securely backed up, you will be at risk of losing it if your systems are infected with ransomware. If your data is backed up, you will be able to recover your important files, but this goes far from solving the problem. You will still have experienced a potentially very serious data breach, which can have a number of devastating consequences of its own. It can cost companies a significant amount of money to deal with a data breach, which can also damage your reputation and lead to loss of business and potentially even legal cases being brought against your company.
Because ransomware renders files unusable, the first thing you should do is to ensure that all of your data is securely backed up. We would recommend a remote backup service, as this is arguably the safest and most efficient method of backing up your critical data. This should, however, be seen as an additional precaution, rather than a complete solution to the threat of ransomware. Prevention is always better than cure, so make sure that you have business-grade anti-virus and anti-spam software solutions installed, and that these are always kept up-to-date. Anti-spam software will help to detect any suspicious Emails and prevent them from entering your inboxes. Anti-virus software will detect malware threats and halt them before they are able to do any harm to your systems. It’s better to be safe than sorry.