Stressed Lady

What Is Ransomware?

Published 21 March 2018

Picture the scenario. You walk into work first thing Monday morning, ready to face the week. You make yourself a cup of coffee and head to your desk, turning your computer on as you get settled. But instead of your familiar boot up screen, you see a green screen, decorated with a padlock and a message:

“Your documents and files have been encrypted. To get your files back, you will need to purchase your encryption key within the set date. Failing to do so will result in the destruction of your key.”

What do you do?

Over the last few years, ransomware has made a rather big impression on business owners everywhere. With recent attacks like WannaCry, BadRabbit and NotPetya rendering data useless, businesses have been endeavouring to protect themselves against ransomware attacks; but what exactly is ransomware, and what does it mean for your business?

What Exactly Is Ransomware?

Ransomware is simply one of the many types of malware infection (we’ve talked broadly about those here). But unlike typical malware, which likes to stay under the radar, ransomware makes itself known fairly quickly. If your systems have been infected with ransomware, your computer will suddenly freeze up, followed by a locked screen, displaying a message similar to the one above. The wording will differ depending on who’s behind the attack and what they want from you, but typically, it will be a demand for money, in exchange for access to your files again. The amount demanded is rarely under £100, and can sometimes climb above £1000. The threats may also vary between ‘we’ll delete all of your information’ to ‘we’ll post it all over the web’ – which in this day and age is just as much of a risk. You could try restarting your system or even installing a new hard drive – the message won’t go away. Ransomware isn’t just limited to your computer systems either, your mobile and tablet devices are just as susceptible to ransomware infection, resulting in a completely locked down and useless device.

What Happens If I Pay The Ransomware?

Usually, absolutely nothing. Sorry. In the early days of ransomware (before the 2013 resurgence), many cyber criminals were good to their word and released the encrypted files once they got their money. But this encouraged people to just pay up, which attracted more and more cyber criminals who weren’t so honest. So now, if you pay, your computer may appear to unlock and restore your files, but the next time you boot it up the same message will appear, demanding more money from you. More often than not, making a payment won’t do anything at all, and paying it will simply leave you out of pocket, and with more malware infections to deal with. Ransomware will almost always ask for a currency transfer to untraceable prepaid cards, or through untraceable cyber currency like Bitcoin or MoneyGram.

How Can I Protect My Business?

All forms of malware are pretty much spread the same way. Spam emails containing links to infected sites, infected email attachments, pop-up ads and banners to infected sites, and other scams. Now that 51% of the world’s population has access to the internet, malware development has almost been prolific. Which is why it’s so important for your business to have a robust malware solution in place. This should include things like firewalls, individual antivirus protections for machines, server-side protections and company wide education (which prevents malware from even getting as far as your IT systems).

Of course, good cyber security is all about planning for the worst, so you should have a backup plan in place as well. In this case, we’re being quite literal. Back. Everything. Up. It’s quite startling that so many businesses still aren’t creating regular backups of their business’s critical data, so that if they are hit by attacks like ransomware, they can pick up and carry on working without risking their business. At its core, ransomware exploits people’s unwillingness to back up their most precious data onto a separate machine or server – meaning they can hold your files hostage and expect you to pay, because that’s your only copy. By backing up your data, you are mitigating a huge amount of risk. And by employing an expert to secure your systems, you’re taking affirmative action against such attacks. 

At Bridewell, we help businesses find and repair security flaws in their business, and protect their critical data from all angles. For advice on how to avoid becoming a target of ransomware, or to discuss your cyber security options,  just get in touch with our team today.

Author

Gavin Knapp

Cyber Defence Technical Lead

Linkedin