With the rise of cybercrime, ransomware is a serious threat. Here’s what you need to know about the file-encrypting malware, how it works and what you can do as an institution to protect yourselves.
What is Ransomware?
Ransomware is malware that employs encryption to hold a victim’s information at ransom. A user or organization’s critical data is encrypted so that they cannot access files, databases or applications. A ransom is then demanded to provide access. Ransomware is often designed to spread across a network and target database and file servers, and can thus quickly paralyze an entire organization. It is a growing threat, generating billions of dollars in payments to cybercriminals and inflicting significant damage and expenses for businesses and government organizations.
How do you avoid ransomware?
To avoid ransomware and mitigate the damage if you are attacked, follow these tips:
- Back up your data
- Secure your backups
- Use security software and keep it up-to-date
- Practice safe internet surfing
- Only use secure networks
- Stay informed
- Implement/participate in security awareness
What Do You Do If You Suspect a Ransomware Attack?
If you suspect you’ve been hit with a ransomware attack, it’s important to act quickly. Fortunately, there are several steps you can take to give you the best possible chance of minimizing damage and quickly returning to business as usual.
- Notify Information Security
- Isolate the infected device
- Stop the spread
- Assess the damages
- Locate Patient Zero
- Identify the ransomware
- Report the ransomware to authorities
- Evaluate your backups
- Research your decryption options
- Move on
Why Shouldn’t I Just Pay the Ransom?
There are several reasons why it’s recommended not to just pay the ransom including:
- You may never get a decryption key
- You could get repeated ransom demands
- You may receive a decryption key that works – kind of
- You may be painting a target on your back
- Even if everything somehow ends up fine, you’re still funding criminal activity
In the end, protecting yourself and your institution against cybercriminals starts with an effective training program. Educating your staff can reduce your institutional risk and, in the end, save you money.