Ransomware is a pesky form of malware that will lock your computer or keyboard and prevent you from having access to your own data until you pay the ransom. Bitcoin is typically used to pay. This form of malware has been around since 2005, but the scheme has been greatly improved now that ransom cryptware has been developed, a program that can encrypt your files with a private key possessed by the attacker, rather than simply locking your computer or keyboard. Ransomware is much like being held at gunpoint by a thug that tells you to pay or lose your data.
When a company is given an ultimatum, they will typically cave in and give the attacker whatever they are asking for so they can get their data back. Though this may seem like the best way to solve your problem, it really isn’t. Unfortunately, the attacker will still have access to your system and can encrypt and decrypt any of your files whenever he pleases, then charges you every single time. Even knowing this ahead of time, many companies still pay the attacker.
According to the FBI, in 2016, ransomware attacks brought in over $1 billion. CryptoWalk ransomware, one of the most popular ransomware operations, brought in over $100 million alone in 2016, according to Computer Discount Warehouse, or CDW. In 2015, CryptoWalk did over $325 million in damages through the infrastructure and servers, as well as the research that went into defending against it.
Many ransomware attackers will use the decrypted data to hide the code that allows them to later reinfect the host. This means if you have paid once, you will likely have to pay again. Occasionally, the same attackers will simply destroy the data without even requesting a ransom.
How to Defend Your Business from Ransomware
There are a few steps you can take to defend your systems from ransomware.
- Use backups that are effective: you can save yourself a lot of trouble and money by having your IT consultant regularly back up data to an external location. If your system is infected with ransomware, your organization can get back up and running quickly by using the backup data.
- Training users: most ransomware infections are the result of system users opening attachments or links that are connected to bad payloads. By training users to watch for these links, IT teams can help avoid networks being infected.
- Have security solutions deployed: you can prevent infections and detect ransomware by using security solutions such as email filters, firewalls, and anti-malware.
If you need help dealing with ransomware or want to set up solutions to prevent your network from infection, please contact us at RedWave Technology Group, LLC. We can walk you through ways to keep your network safe and free from ransomware.