Ransomware is evolving and it has become effective for cybercriminals. There are new versions of very complex ransomware being developed at a rapid pace.
“With nearly 20 billion threats blocked daily, and with more than 1.5 million unique malware samples daily, [there are] 17 new pieces of malware every second,” said Jason Brvenik, principal engineer with Cisco’s security business group, discussing the 2016 Cisco Midyear Cybersecurity Report.
Ransomware is a specific type of malware that attempts to hold your digital presence hostage by encrypting personal files and offering a decryption key(s) in exchange for payment (the ransom). When the malware initially takes hold in the personal device, it shows no signs to the user that anything is wrong. After the vicious work is done in the background (in the device) the user is presented with the ransom demands. The ransom is typically a demand for money in the form of Bitcoin or some digital currency. Keep in mind: even if organizations pay the ransom there is no guarantee that they will get access back to their devices and data.
So how does an organization get infected with ransomware?
In most cases, it is automatically downloaded when users visit a malicious site or a website that’s been hacked. Attackers are using network and server-side susceptibilities now to reach a target.
Then how can you protect yourself from ransomware?
Recommendations for personal devices (such as: laptops, home computers, smartphones, etc.)
- Make sure to install and use an up-to-date antivirus solution
- Keep your software up to date
- Regularly back up important files
- Avoid clicking on links or opening attachments from people that you don’t know or companies that you do not do business with
- Have a pop-up blocker running in your Web browser
Recommendations for companies wanting to improve security:
- Improve network hygiene: Improve aging infrastructure to limit vulnerabilities
- Integrate defenses: Use machine learning techniques combined with innovative data views
- Measure time to detection: Find out how long an attacker can live in your network before they are found
- Protect your users everywhere they are: Protect users whether they’re on a laptop, a smartphone, or another device. Don’t just protect networks but protect users. They are the target.
What should you do if your computer gets ransomware?
- Turn off your infected computer and disconnect it from the network it is on. This is crucial because the infected computer can potentially take down other computers sharing the same network.
- Decide if you whether or not you are going to pay the ransom. If you have backed up your data on a separate hard drive you can at least recover the data you lost from the point of the last backup. Remember, there is a chance that if you pay the ransom your computer may not be released from the cybercriminals.
- You may want to alert law enforcement. They may not be able to assist but should still be made aware of the crime.
Ransomware is a true threat to individuals and companies. There will always be some level of threat from hackers that evolve malware and ransomware. There are countless tools out there that offer security – you just have to use them.