On Friday, May 12, 2017, the world experienced one of the largest “Ransomware” attacks in history. The Ransomware hit dozens of countries around the world, causing damage to critical infrastructures within hospitals and public transportation, and to businesses including law firms and financial institutions.
Since 2016, cyber attacks through Ransomware have grown exponentially, and now surpass all other forms of malware as the number one menace to cyber assets and the technology infrastructure. The rise of Bitcoins (digital untraceable payments) has contributed greatly to the increasing popularity of Ransomware among hackers. Protecting yourself and your clients from Ransomware means understanding how it works, then taking appropriate security actions. The information contained in this piece is meant to arm you with the knowledge you need to minimize your risk from Ransomware.
What is a “Ransomware”?
Ransomware is a type of Malware (Malicious Software) that prevents or limits users from accessing their systems, either by locking the system’s screen or by locking the users’ files until a ransom is paid. Modern Ransomware families are collectively categorized as crypto-ransomware. They encrypt certain file types on infected systems and force users to pay the ransom online to get the decrypt key.
It’s important to emphasize that while ransomware may harm you personally, it is a much bigger threat to your firm, company or clients. Some Ransomwares work as “Worms,” which means that when they get into one computer, they look for other devices and spread across the network, thus compromising the entire company and its clients. The last Friday attack of the “WannaCry” Ransomware worked that way, causing tremendous damage on its way.
When attacking firms or companies, the hackers behind Ransomware can demand a massive amount of money (professional extortion) to restore the company files. In addition, although the main motivation for a crime like this is quite obviously money, there are other motivations that can trigger someone to activate this kind of malware. These include a desire to disrupt legal procedures, harm your reputation, or force you to give away sensitive information (different types of Cyber Extortion).
How does the Ransomware get into my system?
Ransomware usually penetrates the system when unsuspecting and unaware users (like you) make a mistake. These are two of the most common mistakes: a. Visiting unfamiliar websites, without checking if they are trustworthy. Some websites are malicious or compromised. These are two of the most common mistakes:
a. Visiting unfamiliar websites, without checking if they are trustworthy. Some websites are malicious or compromised websites, and cause an immediate infection once you access them. In this case, you don’t need to download anything, the website will do it automatically. b. Downloading attachments or clicking on links: Ransomware can also arrive as a payload either dropped or downloaded by other malware. Some
b. Downloading attachments or clicking on links: Ransomware can also arrive as a payload either dropped or downloaded by other malware. Some Ransomwares are known to be delivered as attachments from spammed email, downloaded from malicious pages, or dropped by exploit kits into vulnerable systems.
Though current worldwide attacks are decreasing, Ransomware attacks will not go away. They will very likely become larger in scale and frequency. This should be your wake-up call, because the next attack is right around the corner, and we don’t have the luxury of saying: “it won’t happen to me.” You should assess your current gaps, and take the needed measures before it’s too late.