Many companies out there still do not fully understand the high risk ransomware can be. For those that do not know what it is, well it is a severe form of malware that can take your personal files and encrypt them. Once encrypted the attackers will then ask for some form of payment to release the trapped data. In most cases users are given instructions once infected on how to decrypt their data. Businesses have been known to even pay these attackers and receive no resolution.
Now that we a have high level overview of what ransomware is, lets talk about in detail how it works.
The most popular flavor of ransomware used by attackers are phishing spam (when you receive emails with attachments masked as files that look familiar or friendly). The user opens these attachments and without knowing, a file is download and executed in the background allowing the attacker to now take control over the PC. Once the PC is infected there is a high risk of spreading to other machines very quickly causing the same results.
Once the encryption happens there is no way to undo the damage without the decryption keys. Either a pop up or file containing instructions from the hackers will be visible. Most of the time money sent via Bitcoin is requested in order to receive a decryption code to unlock your files. As mentioned above, there are cases where payment is made and decryption keys are sent but the files still remain locked.
Most businesses these days are either not aware or believe “it wont happen to us” which can leave the business vulnerable. There is no real factor as to why hackers choose certain businesses as the victims but being prepared and protected will avoid situations as these.
Believe it or not but a higher percentage of small to medium size businesses seem to be the preferred choice of attacks. Either they did not invest the time and money in IT to protect them selves or they are unaware of the risks.
There are many ways to protect your business from being a ransomware hostage. Choosing a good web filtering service, email filtering service, Endpoint protection software, and user community awareness are all powerful tools to help stop you from being the next victim.