Are You Having A Technology Emergency?

Understanding Ransomware

ransomware

Ransomware: the Malware that Hits Your Data, and Then Your Wallet

Cyber-crime is on the rise: one of the fastest growing cyber-threats is ransomware. Ransomware attacks grew by more than 250% in 2017 alone, including the May 2017 WannaCry ransomware attack – the largest cyber-attack in history.

Ransomware has the ability to cripple your business. How much do you know about it?

What is ransomware and why is it so popular among cyber criminals?

Ransomware is exactly what the name would indicate: it’s malware that allows hackers to demand a ransom. It follows a simple, but devious, method of attack: first, the program encrypts files on your system, then it demands that the user pay to regain access to the files.

Usually the ransom demand asks to be paid in some form of cryptocurrency, such as Bitcoin. The ransom also usually adds urgency to this demand by including a time limit, threatening to either delete the files or double the amount demanded if the stated deadline passes.

Due to the typically high ransoms that are associated with ransomware, there are some targets that tend to be assaulted more than others. Ransomware attacks are financially motivated, so they tend to attack targets with more capital and higher liquidity. This means that businesses and high net worth individuals are at higher risk of being targeted.

How is ransomware spread?

Ransomware attacks are typically spread by email phishing. Attackers send out deceptive emails hoping to fool the recipient into downloading the ransomware onto their system by clicking a link or downloading a file. These emails can often be very convincing, appearing to be from a trusted source such as a government organization or industry peers. The malware is sent along as an attachment that executes once it is opened, bypassing many of the system’s defenses.

Attackers are relying on the fact that business users tend to get lots of emails to provide cover for their attacks. They’re counting on the fact that after opening dozens of emails in a given day, an employee might get careless. The email may appear to be a normal, work-related email; if the corrupted email looks legitimate, what cause would an employee have to worry about opening the attachment? These assumptions and false sense of security allow cyber criminals to infiltrate their victim’s systems.

Businesses also offer many points of access: every new employee offers a cyber-criminal another opportunity to attack your business.

How do I Know if it’s Ransomware?

There are many variants of ransomware that your business must protect itself against, and more variants are developed every day. Some of the most famous include WannaCry, NotPetya and CryptoLocker. If your computer is attacked any of these ransomware variants, you will see a screen like the ones below, demanding payment in order to decrypt your files.

CryptoLocker
cryptolocker

Zepto
zepto

Cerber3
cerber3

FairWare
fairware

Petya
petya

Wildfile
wildfire

If any of these variants is downloaded onto your system, you are going to need professional help, fast. Better yet, prevent loss of data or being forced to pay exorbitantly high ransoms by protecting your business and its data with Tolar Systems Complete Care. Complete Care monitors every email and web page accessed on your network, and prevents the download of unsafe files that can unleash ransomware onto your system.

If you have questions about ransomware or malware of any kind, or if you simply would like help protecting your data and infrastructure from ransomware, contact Tolar Systems today.

TOP