What is Ransomware, and How Can You Prevent It?
The term “ransomware” has (unfortunately) become increasingly popular in today’s online landscape. Ransomware affects everyone from everywhere – not just business owners or IT professionals. For those who do not live and breathe network security, what is ransomware, and how can you prevent it? We’ve outlined the topic to help you get a better understanding, so you can better protect yourself.
What is ransomware?
Ransomware is a multi-million-dollar crime operation that encrypts files on infected computers, making those files inaccessible, and only releases the key needed to decrypt them when the user pays a ransom (typically in bitcoin). In 2017 alone, the FBI reported that the IC3 (Internet Crime Complaint Center) received 1,783 complaints identified as ransomware, with adjusted losses of over $2.3 million.
Who is affected?
Any person and any business that depends on daily access to critical data. Ransomware targets large enterprises, small businesses, government agencies, police departments, online casinos, banks, hospitals, and essentially any computer user who has access to important information on their device.
What can you do to avoid ransomware?
If you’re at risk for a ransomware attack, here are simple steps you can take to protect yourself and your business:
1. Look for suspicious emails – and don’t click on links
The primary method of infecting victims with ransomware involves every hacker’s favorite bait – the “spray-‘n-pray” phishing attack, which involves spamming you with emails that carry malicious intent. These emails typically include a URL or attachment that, when clicked, gives the attacker a foothold on your machine and, from there, control of your data. It’s important that you do not click on any links or attachments without first questioning whether the email is from a verified source. Here are some common themes to look for when questioning whether an email is legitimate or a scam:
- Double check the email address. Hackers are getting smarter and are tapping into your social networks to see your connections. They can easily find who your boss is, create a fake email account with your boss’s name, and then send you an email from that account asking you to wire money or send account information. If the email address doesn’t look like theirs (i.e. their actual account is firstname.lastname@example.org but the attack comes from email@example.com), then you should know to question the email and give your boss a call to confirm the request.
- Look for misspellings. Phishing emails are often sent from scam artists with poor writing skills. If you receive an email from an outside source (or from a fake account) that has bad grammar, missing punctuation, and frequent misspellings, it’s worthwhile to question the email.
If you are ever unsure about an email you receive and believe it may be a phishing email, never click on links or reply to the email. Your first step should be to forward it to your IT team and contact technical support. The further down a path you go, the more likely you are to get infected, or if already infected, cause more damage.
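The two checks above (a familiar display name in front of an unfamiliar address, and a Reply-To that sends your answer somewhere else) can be automated for a mail team or help desk. The script below is an added example written for this article, not code from its authors: it parses a raw message with Python’s standard email module and returns a list of warnings. The contact directory, the trusted-domain list and both sample messages are constructed for the demo.

```python
"""Flag common phishing indicators in a raw e-mail message (added example)."""
from email import message_from_string
from email.message import Message
from email.utils import parseaddr
from typing import List

# Constructed sample directory: display name -> the address that person really uses.
KNOWN_CONTACTS = {"Jane Doe": "jane.doe@example.org"}

# Domains your organisation actually sends mail from (constructed for the demo).
TRUSTED_DOMAINS = {"example.org"}

# Phrases that typically accompany wire-fraud or credential lures.
LURE_PHRASES = ("wire", "urgent", "gift card", "password", "account information")


def domain_of(address: str) -> str:
    """Return the lower-cased domain part of an e-mail address ('' if none)."""
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def body_text(msg: Message) -> str:
    """Collect the text/plain content of a message, multipart or not."""
    if msg.is_multipart():
        parts = [p.get_payload(decode=True) or b""
                 for p in msg.walk() if p.get_content_type() == "text/plain"]
        return b"\n".join(parts).decode(errors="replace")
    return (msg.get_payload(decode=True) or b"").decode(errors="replace")


def phishing_indicators(raw_message: str) -> List[str]:
    """Return human-readable warnings for a raw RFC 822 message (empty = nothing found)."""
    msg = message_from_string(raw_message)
    warnings: List[str] = []

    display_name, from_addr = parseaddr(msg.get("From", ""))
    from_domain = domain_of(from_addr)

    # A display name you know, but a different mailbox behind it.
    expected = KNOWN_CONTACTS.get(display_name)
    if expected and from_addr.lower() != expected.lower():
        warnings.append(f"display name '{display_name}' belongs to {expected} "
                        f"but this mail comes from {from_addr}")

    # Sender domain that is not one of yours (lookalike or unrelated).
    if from_domain and from_domain not in TRUSTED_DOMAINS:
        warnings.append(f"sender domain '{from_domain}' is not a trusted domain")

    # Reply-To pointing elsewhere: your reply goes to the attacker, not the sender.
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    if reply_addr and domain_of(reply_addr) != from_domain:
        warnings.append(f"Reply-To {reply_addr} does not match From domain '{from_domain}'")

    # Urgent money or credential request in subject or body.
    text = (msg.get("Subject", "") + "\n" + body_text(msg)).lower()
    hits = [p for p in LURE_PHRASES if p in text]
    if hits:
        warnings.append("lure phrases present: " + ", ".join(hits))

    return warnings


# Constructed sample messages.
SAMPLE_PHISH = """From: Jane Doe <jane.doe@example.com>
Reply-To: accounts@example.net
To: you@example.org
Subject: Urgent wire transfer

Please wire the payment today and send me the account information.
"""

SAMPLE_LEGIT = """From: Jane Doe <jane.doe@example.org>
To: you@example.org
Subject: Lunch

See you at noon.
"""

if __name__ == "__main__":
    for label, sample in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(label, phishing_indicators(sample) or ["no indicators"])
```

Each warning maps to one of the cues the article lists, so the output doubles as a checklist for the person who forwarded the mail. In a real deployment the contact directory would come from the address book or HR system rather than a hard-coded dictionary.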
2. Back up your data
One of the best defenses against ransomware is to not be vulnerable to it in the first place. Back up your data daily so that you won’t be forced to pay to see your data again if your computers and servers get locked by hackers.
However, it’s not always enough just to back up to an external hard drive, or even to the cloud. Many ransomware programs are specifically designed to search for backup devices, even across your network and cloud storage, encrypting everything in their path. The easiest way to protect yourself is to use a cloud service that provides automatic versioning. That way, if the most recent versions are encrypted, you can still recover from earlier versions.
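The reason versioning matters is that a backup job will happily copy the encrypted file over the good one if only a single copy is kept. The following is an added illustration, not code from the article: a minimal append-only version store in Python that never overwrites an earlier copy, followed by a simulated infection that shows the older version surviving. File names and contents are constructed for the demo; a real cloud versioning service does the same job without you writing any of this.

```python
"""Append-only versioned backup demo (added example, not from the article)."""
import hashlib
import shutil
import tempfile
from datetime import datetime, timezone
from pathlib import Path
from typing import List


def backup_file(src: Path, store: Path) -> Path:
    """Copy src into store under a unique timestamped name; never overwrites."""
    store.mkdir(parents=True, exist_ok=True)
    digest = hashlib.sha256(src.read_bytes()).hexdigest()[:12]
    stamp = datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%S%f")
    dest = store / f"{src.name}.{stamp}.{digest}"
    shutil.copy2(src, dest)
    return dest


def list_versions(store: Path, name: str) -> List[Path]:
    """All stored versions of a file, oldest first (timestamp prefix sorts chronologically)."""
    return sorted(store.glob(f"{name}.*"))


def restore(store: Path, name: str, dest: Path, index: int = -1) -> Path:
    """Restore the version at `index` (default: newest) to dest and return dest."""
    version = list_versions(store, name)[index]
    shutil.copy2(version, dest)
    return dest


def demo() -> bytes:
    """Back up a document, simulate encryption, back up again, recover the old version."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        doc = root / "report.txt"
        store = root / "versions"

        doc.write_bytes(b"quarterly figures")      # constructed original content
        backup_file(doc, store)

        # Ransomware overwrites the document with ciphertext (simulated bytes).
        doc.write_bytes(b"\x9f\x02\x7a ciphertext placeholder")
        backup_file(doc, store)                    # newest backup is now useless

        # A non-versioned store would hold only the ciphertext; this one holds both.
        assert len(list_versions(store, "report.txt")) == 2

        restore(store, "report.txt", doc, index=0) # reach back past the bad copy
        return doc.read_bytes()


if __name__ == "__main__":
    print(demo())
```

The property to look for in any backup product is exactly the one `backup_file` has: a new copy is added, an old one is never replaced, and restoring lets you pick the version from before the incident.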
3. Keep your computer or mobile device updated
Another step you can take to protect your computer or mobile device from threats like ransomware is to regularly install the latest updates. The best way to do so is to turn on automatic updates, so your device will keep itself updated and patched against the latest threats.
4. Install reputable antivirus software and a firewall
In addition to keeping your device up-to-date with the latest security enhancements, antivirus software can prevent malware from infecting your computer. With antivirus software, the same principle applies: make sure to keep the antivirus app up-to-date so it blocks the latest emerging malware, and only download antivirus apps from reputable vendors recommended by your IT team.
5. Educate, educate, educate
If you are a business owner, one of the most critical steps you can take to protect your business is to educate your employees. Educate them on the signs of a phishing email, the importance of keeping data secure, and what to do if their device gets infected. We’ve found that hosting an educational event (e.g. a lunch and learn) can be an effective way to catch employee attention and enhance engagement. It’s also important to continue this education – make it a part of onboarding new employees and host an event at least once a year to keep safety top-of-mind.
What should you do if you are attacked?
If you fall victim to a ransomware attack, your first step should be to reach out to your dedicated IT contact. It’s also advised to contact the FBI so they are aware of the situation and can help put a stop to it. Do not pay anything up front and wait to be advised by the experts on what to do.