Ransomware

Ransomware attacks are an ever-present and growing threat, and can impact individuals, businesses, and government networks. Often the vector for ransomware starts with a single individual, either at their home where it impacts their own system, or possibly at work, where it can take down their company’s network and business operations. Learning more about these attacks and what measures can effectively prevent and mitigate them is the first step in protecting your PC, or possibly your employer’s business.

You can think of ransomware as a “digital hostage” scenario, where a user’s computer information is hijacked by an outsider through various means. These methods of compromising a system can occur in multiple ways. For example, you might go to a fraudulent or unsecure website, download unsafe software, or open links in spam emails or that will lead to a compromise of your PC. Even an accidental click on a pop-up ad can open you up to cyberthreats like ransomware, so being informed and aware of these threats will go a long way toward keeping you and your digital information safe.

Once a system is compromised, the ransomware locks it down so that the data stored on the system is no longer accessible. The ransomware then communicates with the cyberthieves who will demand a ransom in return for unlocking it again. If you are connected to a network, the attacker will first search for other systems to compromise before locking things down and contacting you. This can be very bad if it happens on your employer’s network.

One of the most common methods for basic protection with ransomware is by maintaining updates on your systems to keep your endpoints secured. Keeping your operating system, applications and security software updated will ensure that known vulnerabilities are patched and secure. Auto-updating options will also help you avoid missing any important updates. If you are working on a PC at your employer, hopefully these updates are all handled by your IT department or computer guy.

Keeping all the endpoints in the network hardened and secured is another crucial step to protect against threats. All hardware connected on the network should have all necessary firewalls, antivirus software configurations, encryption, and any other security measures installed and up to date. Hardened endpoints can protect the network as a whole and close any missed gaps in security from prior installation.

Another method of protecting your information is backing up your data. Keeping your information backed up regularly and separately will help if you are infected with malware or a victim of ransomware. While maintaining backups will ensure your system can be restored if infected, they do not necessarily protect you against one consequence of ransomware. Those who propagate ransomware know that more and more individuals and businesses are backing up their critical files to counter a ransomware attack. If you or your company refuse to pay a ransom because the data is backed up, the criminal’s next step will be to threaten to publicly release sensitive information. That is why it is so important to be careful about what you download and click on, keeping all systems and applications up to date, and having good security software in place.

For businesses, security awareness training is crucial because one of the weakest links is a company’s employees. A business can have the best cybersecurity technology in place, coupled with 24 x 7 monitoring, but if an employee is tricked into giving a hacker credentials to a critical system, none of that will matter. Educating employees on spotting the tell-tale signs of cyberthreats, such as identifying phishing emails, is essential in preventing potential attacks. In addition, there is a new tactic called “vishing” that is now impacting companies. This is where an employee is called by a hacker who tricks them into providing system credentials, or other information that will help them get one step closer to getting those credentials from someone else at the company. Training employees to recognize the risks and preventing these scenarios will help everyone play a key part in keeping the company network secure.

Along with employee training, having a cybersecurity plan and policies in place will help the IT department prevent and respond to ransomware by providing a defined structure to operate within, including how to quickly recover systems and data during an attack.

In summary, ransomware attacks can bring your PC, or even a whole network, to its knees if you are unprepared. Enacting these methods and keeping a watchful eye for cyberthreats will help reduce the likelihood that critical data and systems become compromised.