The Five ‘Whats’ and ‘Wheres’ of Ransomware
The Whats.
Ransomware is a type of harmful software (malware) that infiltrates a machine and/or network and encrypts the data on it and then the ransomware family jump in:
1. Scareware
Scares people to manipulate them into buying/downloading harmful software, such as fake antivirus, enabling malware access so attackers can steal personal or financial information.
2. Encryptors
Holds data hostage until a ransom is paid. If you fail to pay, your data could be lost for good.
3. Lockers
Locks users out, blocking access to data unless a ransom is paid. Victims typically see a lock screen displaying ransom details alongside a ticking timer to create a sense of urgency.
4. Leakware (also called Doxware)
Aims to extort a ransom payment by threatening to leak sensitive and confidential data online.
5. Ransomware-as-a-service (RaaS)
Non-technical criminals can obtain ‘ready to go’ ransomware code and release infection campaigns themselves.
The Wheres.
To avoid being a victim of ransomware, make sure you know how it can get in and then put in place the means to stop it.
1. Phishing
Phishing emails (and SMS text messages) are the most common cause of ransomware infections – they contain a malicious link or a file that victims click on/download, opening the doors to harmful software.
2. Malvertising
Malware is disguised as an advert and then appears on legitimate, often well known, websites. Clicking on any part of the advert can release the malware onto your device.
3. Malicious Webpages
Infected URLs (web addresses) are getting more and more common and can look totally harmless as a link for you to click on – one tell-tale sign is a mis-spelling of a business/product name in the URL (hover over links to reveal the full URL).
4. Social Engineering
Cybercriminals pose as legitimate entities or people, such as police, delivery companies or head of a company, to trick you into sharing sensitive and private information, so they can use this to breach your systems. These fake interactions can be via emails, texts, social media or phone calls.
5. RDP (Remote Desktop Protocol) Attacks
RDS is a Microsoft Windows OS function enabling multiple users to connect to a network/server remotely. Hackers infiltrate via RDP, gaining access to all your network/server data.
So how do you protect yourself and your business from the five ‘whats’ and ‘wheres’ of ransomware?
Prepare. Educate. Secure. Update.
Prepare
Make sure you don’t think ‘it won’t happen to us’ and that you have put measures in place to not only protect yourself against attacks, but to ensure you backup all data regularly and securely in case you are attacked.
Educate
The majority of attacks are enabled through human error – clicking on a malicious link or file. Regular training and keeping employees informed of the latest threats and how to deal with them is critical. Also, empowering people to inform you immediately (without fear of repercussion) if they do click on a link will go a long way to getting the issue rectified quickly, before too much damage is done.
Secure
Putting in the right levels and layers of protection is vital to cover all areas of vulnerability. Proactive services (such as remote monitoring) will identify and deal with threats before you are aware of them.
Update
Whatever security and protection you have in place, you must ensure that all updates and new releases are installed immediately and correctly to ensure you have the greatest level of protection. New malicious software and cyber threats appear every day so protection needs to be updated all the time.
More information and solutions can be found here >
Topics: Cyber security, ransomware, data protection, data security
