Ransomware attacks have become a growing concern, particularly for businesses. Ransomware is a subset of malware, which can infect a computer and hold important data ransomed. It allows the cybercriminal to encrypt a victim’s data and demand monetary payment before allowing decryption and regained access to their files. These attacks can be spread through compromised web pages, infected applications, malicious emails, and even external devices. However, more recent attacks are using Remote Desktop protocol which does not rely on any form of user interaction.
Data kidnapping is not limited to the infected computer; it can also affect other connected network devices. It allows the attacker to change login credentials and essentially lock them out of their own network, leaving all data completely vulnerable.
In the past, these attacks could easily be reversed. However, ransomware attacks have become more advanced, using a strong, public-key encryption that denies all access to files.
WannaCry is a major ransomware attack that took place in May 2017. The attack was able to infect and encrypt more than a quarter million systems globally. In this case, as in many ransomware attacks, the culprits demanded payments in bitcoins. Virtual payments in bitcoins allow attackers to remain anonymous.
Even after some of the money was transferred, the data was not decrypted. The WannaCry attack had an enormous impact on many businesses.. The U.K. National Health Service, for instance, was effectively forced offline during the attack. Downtime such as this has major economic repercussions and caused damages exceeding $1 billion to thousand of companies.
Ransomware attacks have been on the rise in recent years. The Symantec 2017 Internet Security Threat Report states that the ransom demanded has roughly tripled from the previous two years. Studies suggested that even while many executives pay the ransom to have their data decrypted, most never receive access to their files again. This is incredibly damaging to businesses in all industries.
Beginning in 2015, a malicious Android app, called Porn Droid was used to lock user’s phones and change access PIN numbers. This allowed attackers to demand $500 to unlock phones. Attacks like this can come in many shapes and sizes and are likely to continue.
How ransomware works
Ransomware is a malware with specific capabilities, allowing attacks to encrypt data and demand ransom paid to their bitcoin accounts. Ransomware kits are making this an easier task. These kits can be found on the deep web and open up malware opportunities to even those without technical savvy.
It is important, particularly for businesses to take steps preventing ransomware. Some basic steps to IT security that every business should take are as follows:
- Regular backups – All company and customer data should be backed up offline daily, weekly, or monthly depending on the amount of critical data being created and stored.
- Regular updates – Software updates are often include security patches that can help to protect your network from weak points.
- Security Awareness – All employees should be up-to-date on security threats and company best practices. Users should be aware of clicking on links in emails, opening attachments, and downloads that offer potential security hazards.
Increased cybersecurity efforts and disaster recovery plans are becoming an essential part of general IT needs. Using a professional technology services company for data protection helps to ensure minimal damage and quick recovery.
Related Articles: 8 Benefits of using a professional IT Company
Computer worms, viruses, and ransomware are all real concerns for enterprise networks. It is important for businesses to consult IT professionals about cyber security. At CCNY Tech, our team of IT experts will perform full network evaluations, finding and correcting your security weak points and ensuring that all preventative measure are in place. To learn more, visit our website or call us at 315.292.1046.