Ransomware is on the rise, how can your organisation protect against attacks?

Ransomware or Ransom malware is a type of malware that prevents users from accessing their systems or personal files and demands payment in order to regain access.

Ransomware scams have grown internationally and those that fall victim are threatened that sensitive and confidential data will be published unless a ransom is paid. In July 2018 it was reported that there was 181.5 million attacks within the first six months of the year. With Travelex recently being held to ransom for £4.6m by a criminal group named Sodinokibil or REvil, are there steps you can do to prevent a Ransomware cyberattack?

How does this happen?

Typically a file is disguised as a legitimate file that the user is tricked into downloading or opening when it arrives either as an email attachment or by clicking a link on a website or pop-up advertisement that looks authentic.

Once a computer or network is infected with ransomware, the malware blocks access to the system, or encrypts the data on that system. Cybercriminals demand that the victims pay a ransom in order to regain access to their computer or data.

Some types of ransomware include:

Scareware – a form of malware, which uses social engineering and psychological manipulation of people into performing actions of divulging confidential information, to cause shock, anxiety or the perception of a threat in order to manipulate users.

Screenlockers – plays with user’s fears so that malware authors are able to manipulate them into infecting their computers with ransomware. Delivered through malicious and infected sites, lock screen ransomware can ride along fake advertisements. Users encounter a pop-up ad that warns their computer is infected and they unknowingly download an infected file.

Encrypting ransomware – is a form of ransom malware where advanced and complex encryption algorithms are used by ransomware creators to encrypt all data saved in an infected device.

Some simple ways to protect against exploits and shield your vulnerabilities

Update operating systems, browsers and plugins. Updates from operating systems, browsers and plugins are frequently released to patch any security vulnerabilities discovered.

Enable click-to-play plugins, which prevents malware software installing without permission. Malware authors use exploit kits, which look for vulnerability on devices. Pop-ups or fake advertisements are used to install malware onto devices by exploiting the security hole.

Remove software you do not use. Using software no longer supported will leave you wide open to exploit attacks.

Social engineering leaves users open to scams and cybercriminals have got rather deft at tricking users. Some tips for being more socially savvy is to read emails with an eagle eye, don’t call numbers or click on pop-ups and be wary of calls from cold callers, scamming you into believing they are from your tech support company.

If you become the victim of a ransomware attack, do not pay the ransom. It will not guarantee that they will return your data.

Avoid becoming a victim of the next ransomware attack by protecting yourself. Why not put some preventative steps in place and speak with one of our experts.