What is Ransomware?
Ransomware is a form of malware that restricts users from accessingtheir own system and usually also encrypts important files. This forcesthe victim to make a decision: either make a ransom payment (within thestated timeframe) or risk permanently losing all of their files and/orsystem access forever.
It should be noted though, that making a ransom payment may notnecessarily recover encrypted files. There have been documented caseswhere decryption keys have not been provided, even when the ransom waspaid.
Over recent years, ransomware has been steadily gaining popularity withcybercriminals. This increase has in part, been facilitated by theemergence of cryptocurrencies, such as Bitcoin. The main impediment withearly forms of ransomware was the lack of an anonymous way to collectpayments, so some demanded prepaid gift cards, or SMS messages.
Nowadays, nearly all forms of ransomware request payment in Bitcoin,since it’s the most popular cryptocurrency, easy to use, transactionsare irreversible and the currency is global. The drawback forcybercriminals, though is that a record of every transaction is publiclyavailable. To get around this, they use money laundering services thatconceal their identity before cashing out. As a result, these attacksend up being incredibly difficult to trace, even for law enforcementagencies.
One of the most well-known ransomware attacks is the WannaCry attackthat occurred in May 2017. Over 230,000 computers worldwide wereinfected, including major organisations such as the National HealthService (NHS), FedEx and Renault. The computers targeted were running onan old version of the Microsoft Windows that had not been updated with asecurity patch released two months previously. Many users had notinstalled the patch by the time of the attack.
What is the aim of Ransomware?
Most of the time, the main goal of ransomware is to raise money, not tocause damage to the user’s system. Because of this, the requested ransomamount is usually reasonably small, typically around £500 or less,making it manageable for most targets of infection.
If the cybercriminals wanted to cause as much damage as possible, morethan likely, they would choose other forms of malware, unless theywanted to disguise the attack, which seems to be the case with the Petyaransomware attack in June 2017, that suspiciously focused on targetingUkrainian government institutions.
How do I prevent being infected?
Installallsecurity updates
Users should make sure their operating systems and applications are keptup-to date, in particular any anti-virus programs. As new viruses andmalware are being developed all the time, updates and patches areconstantly being released to plug exploits. Being even a day or twobehind on installing a new patch could make your system vulnerable. Keepinventories of the software and systems you use, to ensure you are notmissing any.
Subscribe to update alerts
If you are concerned about missing out, most software companies willsend an email to alert you to new updates. Make sure to check if this isthe case, and that you are definitely a subscriber.
Be careful of what you open or click
Always avoid clicking on suspicious hyperlinks or email attachments. These are common methods used by cybercriminals to spread malware. Unsolicited emails from organisations you don’t deal with should alwaysbe treated with suspicion. There are online tools available that canactually check if links are safe, without you having to actually clickon them.
Backup your files
If you have up-to-date copies of the files that have been encrypted,then there is no need to pay the ransom fee. Set some time aside to backup files on a regular basis. Overnight is often a good choice, assystems are not being used. There are many programs and pluginsavailable that can make automatic backups for you.
Education is the key
Make sure your employees and colleagues understand best practice when itcomes to cybersecurity, have a set routine everybody follows for backupsand updates. Even one weak link in an organisation can enable an attackwith serious consequences.
If you’re interested in a secure and powerful business processmanagement platform, book yourfree no-obligation SwiftCase demo today.
Ready to automate your workflows?
SwiftCase helps operations teams streamline their processes with powerful workflow automation, case management, and AI-powered communication tools.