Ransomware is a type of malicious software that blocks access to a computer or its data by encrypting the system and user files. Once run, the malware usually demands a payment in exchange for a key to decrypt the data. Cybercriminals behind the attack prefer to be paid in Bitcoin so that it is more difficult to trace. Paying the ransom does not always guarantee a solution to the problem.
There are two types of ransomware:
- Encrypting Ransomware incorporates algorithms to block access to system files and documents
- Locker Ransomware locks the victim out of the operating system, making it impossible to access their computer.
Ransomware usually begins with a Phishing Email or through Malvertising which directs the user to a website hosting the exploit kit. The kit then scans the users system for vulnerabilities to exploit and when its finds one the system becomes infected.
Over the years ransomware has become increasingly sophisticated and targeting specific regions, industries and organisations. To pressurise victims there may be time limits to pay and file names may be scrambled so it is not clear which files have been affected.
Some of the latest variants which have been used in recent targeted attacks include Cerber, Gandcrab, Lockergoga, Ryuk and SamSam. Ransomware is a growing and evolving threat and companies should keep up to date and learn how to protect their data.
The most common method for hackers to spread ransomware is through phishing emails. Prepare your employees by –
- discourage users from opening emails, clicking links or opening attachments from unknown sources
- Issue Cyber Security training so all employees are aware of current threats , inlcuding ransomware.
- Use Phishing simulations to test your users and gain an insight into employee behaviour.
- Train and guide employees to recognise the signs of attack.
How we can help?
Through our wide range of partnerships with top MSPs and Security Vendors we can support you with –
- User training and phishing simulation – make your staff your first line of defence and instil a culture of security awareness.
- Email Filtering – prevent attacks before they reach your inbox with industry leading defence against ransomware, viruses, impersonation attacks, phishing and more.
- Backup & Disaster Recovery – implement a Disaster Recovery Solution to backup physical, virtual and cloud infrastructures.
- Patch Management – manage patches or upgrades for software applications and technologies to ensure you are always on the most secure and latest version.
For help and support on any of the above please contact us