What is Ransomware and how can I stop it?
With each day that passes, data becomes an ever more valuable commodity (we know this all too well thanks to the urgency ascribed to RAID recoveries!). For businesses, it’s used daily to fulfil services and gain valuable insights into patters and trends. Outside of private enterprise, people like you and me use data for personal enjoyment daily. Sadly, the value of data – both personal and professional – is being leveraged by cyber criminals who know that there are people who would, if they were to lose it, do anything to get it back.
It was this realisation that led to the birth of Ransomware, a computer virus that, once it’s infected a system, proceeds to encrypt the data stored there. Following this, a ransom is requested in return for the data to be decrypted, hence the term Ransomware.
How Ransomware attacks work
Typically, hackers rely on human error in order to infect a system with Ransomware. Phishing emails that mimic trusted service providers or other organisations and that contain a malicious link are tactics cybercriminals typically employ, for example. Whilst they are considerably rarer, more advanced types of Ransomware exploit flaws in security protocols and infect systems without needing to trick users.
So how can I protect myself/my business from Ransomware attacks?
Vigilance is key to preventing Ransomware from encrypting your data. Being mindful of the possibility of an email from a seemingly trusted source actually having come from a malicious individual and encouraging employees to do the same will go a long way towards preventing your system from being infected. Equally important is the need to keep your security protocols up-to-date and robust.
Sadly, though, mistakes are inevitable and there’s nothing that can be done to ensure you’ll be immune to Ransomware. That said, you can prepare a contingency plan to minimise the damage.
Backing up your data provides a solution
It might not resolve all of the problems a Ransomware infection can cause (more on that later) but backing up your data to an unnetworked piece or pieces of storage media will mean that you’ll be able to restore any inaccessible data lost to Ransomware relatively quickly.
Keeping this backup off your network is vital as, should your system become infected, this will ensure that your backup drive is unaffected by it.
For companies, however, a backup alone will not be enough to negate all of the negative consequences of Ransomware, particularly one strain that leverages not just the value of companies’ data, but the importance they place on maintaining their reputations, too.
Why Doxware is a bigger threat to companies
Unlike other types of Ransomware, Doxware does not encrypt files and offer a decryption key in exchange for a fee. Instead, they access potentially sensitive or confidential material (such as email conversations, patents, financial documentation etc.) and threaten to make it public unless a ransom is paid.
This is potentially damaging for several reasons. Even if a company have backups of their data readily available, this will have no effect on the negative PR that will be generated from a data leak, with consumers certain to view their digital security to be ineffective. Further harm can come in the form of potentially insensitive or offensive email conversations that may have been had by employees. A significant fine (potentially even larger following the introduction of GDPR) is another threat to the health of an organisation’s bottom line.
Sadly, there is no way of ensuring that any system is immune to this more sophisticated form of Ransomware. Keeping all security measures and procedures up-to-date has always been essential, of course, but it’s even more vital with Doxware being a tangible threat.
Ransomware is a nasty computer virus but, by regularly backing up your data and keeping your data security measures up-to-date and robust, you’ll be doing everything you can to prevent it from affecting you or your company.