Ransomware is a type of malware designed to encrypt, erase, or block access to files on a system, until a ransom is paid by the victim. Payment is most often asked for in crypto-currency, such as Bitcoin, but prepaid cards or gift vouchers are sometimes accepted. The malware can infect a variety of devices from computers to smartphones, rendering the devices totally inoperable. Since the thieves want a quick pay off, they often target entities with sensitive data like universities, law firms, police departments, government agencies, or medical facilities that want to keep the infiltration quiet. Typically, a message will appear on the victim’s device threatening them with a permanent loss of their data, unless the price is paid. These attacks are usually spread by phishing e-mails, which supply an infected link or attachment. Sometimes, a drive-by download is the method of attack. This is an unintentional download that will take advantage of a browser, app, or operating system that has a security flaw, without the user needing to accept or even being made aware of the software installation. In other cases, the hacker isn’t motivated by money. Sometimes, they want to use the malware for destructive purposes, such as sabotaging critical data to disrupt law enforcement or destroying evidence. Most of the ransomware attacks that have taken place in the past have been linked to poor practices by employees with respect to security standards. Educate yourself on how to avoid these online attacks and have a remediation plan ready, in case you are the next target.
- Take full advantage of security awareness training.
- Run all updates, patches.
- Use robust intrusion detection software and hardware.
- Maintain reliable backups and recovery plans.
- Use reputable antivirus software and a firewall.
- Do not provide personal information when answering an email, instant message, or text message.
- Do not click on suspicious links or attachments sent through email.