Ransomware: Much More Than The King’s Ransom

The concept of ransom has been around for ages. Historians believe Julius Caesar was once kidnapped and held for ransom by pirates! It’s even said that he laughed in their face when he heard his captors’ low ransom demand.

But don’t take your technique from Caesar – ransomware is no joke. An attack means data compromise and downtime, and could cost your business a fortune.

Ransomware is a type of malicious software that hackers install to encrypt your data and files, rendering computers, data, and servers unusable until you pay the ransom demand.

Why worry about ransomware?

If your systems are hit with ransomware, a ransom message will appear on your screen stating the payment amount with instructions to unlock your data. Payments are typically demanded in the form of cryptocurrency. Amounts aren’t always egregious like you might expect. For example, a school system in Brewer, Maine was hit last year and the demand was $1,400—not $1.4 million—something hackers figured the school could probably afford.

While a $1,400 bounty might not seem awful, ransom demand is only a fraction of the true cost of an attack.

The hidden costs are what really hurt, for example:

• Downtime: Businesses can’t afford to be locked out of their files and machines for days, or even weeks, while they fix the problem.
• Credibility: Trust, reputation, and brand image can be destroyed overnight when customers hear you negotiated with cybercriminals or, even worse, had their data stolen.

How do they get you?

As with most malware, ransomware can be delivered in several ways:

• Sent as a malicious link or attachment in a phishing email.
• Pushed through exploited software vulnerabilities.
• Disguised as a legitimate software application or update.

And once they do get to one machine, they can quickly get to others. Attacks are often designed to move through the network, infecting other machines and sometimes even the network storage backup.

Ransomware is so prolific and continues to grow because it’s so easily accessible. For less than $100, criminals with limited technical skills can purchase a prepackaged ransomware delivery service on the Dark Web.

How to protect the crown jewels?

With an estimated 4,000 attacks every day, taking ransomware seriously has to be a key business priority. What can you do to protect your organization?

• Train your team. Educate your cyber-defenders with awareness training and best practices. Conduct phishing simulations to test them (engaging content and performance prizes can help with adoption!).
• Install Next-Generation Antivirus. Most ransomware attacks bypass spam filters and traditional antivirus. While no software offers 100% protection, a next-generation antivirus solution can help protect against advanced threats.
• Patch and update. Keeping your software up-to-date, on all systems and devices—including mobile phones—reduces points of exploit.
• Back up your data. While it won’t prevent ransomware, keeping updated backups can help to recover from attacks more quickly. And you hopefully won’t need to risk making the ransom payment at all. Consider the 3-2-1 method.

Don’t get locked out of your own castle. Be cyber-secure and cyber-aware and position yourself to keep away from real threat of ransomware.

Stay Safe,
Your Friends @ Defendify