09 Sep Online Security Fundamentals – Ransomware

Ransomware refers to a type of malware designed to force victims into paying a fee in order to restore encrypted files or regain access to a disabled system.

Ransomware is most commonly associated with file encryption. The hackers will infect a device, encrypt files and then display a threatening message demanding payment in return for a ‘decryption key.’ Often the victim will be threatened with the prospect of permanent file deletion if the ransom is not received within a given timeframe.

With sensitive information and business-critical documents at stake businesses often pay the fee, but even this provides no guarantee that files access will be restored. The best course of action your business can take against Ransomware is to avoid encountering it in the first place.

4 common types of Ransomware

Unlike say a Phishing scam, Ransomware isn’t discreet about its intentions or aims. If your computer becomes infected with Ransomware you’ll know about it; it will make its presence known. Nevertheless, let’s have a look at some of the various form’s ransomware can come in and the damage that each can inflict.

Screen Lockers. A type of ransomware that typically makes your computer unusable from point of entry. A Screen Locker will infect your computer’s operating system and disable all functionality beyond your account login. An arresting pop-up message will appear demanding payment in order to restore system access.

Scareware. Scareware arrives in the form of a pop-up on a malware-infected website. The Pop-up will claim to have discovered ‘viruses’ on your computer and will offer anti-virus software to remove them. Not only is the claim to have discovered threats complete nonsense, but the ‘anti-virus’ software will also likely be malware itself, meaning victims of scareware often pay to have their computer infected.

Crypto Ransomware. A Crypto-Ransomware attack uses file encryption to render a user’s files completely unusable. Once encrypted an alarming pop-up will appear demanding payment in return for a ‘decryption key.’ Such attacks often involve the threat of permanent deletion and arbitrary time limits are often imposed. In most cases, file encryption has indeed occurred, but occasionally the pop-up alone is used to coerce money from victims.

Doxware. Doxware uses encryption and an additional threat to extract payment from victims – the prospect of sensitive information being publicly released. Such attacks tend to target high-profile, high-value individuals who could suffer reputational damage or a loss of status if compromising personal information was made public. Actors, singers, politicians and high-profile company executives are common targets for this sinister form of a ransomware attack.

6 ways to prevent Ransomware attacks

Ransomware attacks can be very distressing. Damage can range from devastating, crippling data loss to hours or days of business disruption – Ransomware victims rarely get out of the experience unscathed. While there are steps you can take to mitigate damage in the event of an attack, by far the best line of defence is to avoid Ransomware infection in the first place.

• Use a comprehensive suite of security software. Running a range of security tools will guard against Ransomware at some of its most common entry points. Use a firewall to protect your network, employ web and email filtering to prevent access to malicious sites and email content, and use anti-virus software to detect and remove malware. Additionally, consider implementing a file backup by copying files to 3 separate locations – 1 of which should be offsite. Should a ransomware attack occur you may have to rely on this back-up to get your business back up and running.
• Keep Software patched. Out-of-date, poorly maintained software programmes provide opportunities for cybercriminals to implant malware in your network. Ensure you install all security updates in a timely manner. This means regularly updating your operating system, anti-virus suite and any other software programmes you have installed on your network.
• Treat Email attachments and embedded links with caution. Phishing scams can often be used as a vehicle for Ransomware. Remaining vigilant against such scams will also be useful in preventing a Ransomware infection.
• Make greater use of Cloud services. Email is a common entry point for various forms of malware. By making use of cloud-hosted storage and collaboration platforms you can reduce your team’s reliance on email and thus reduce the chance of infection via a malicious email attachment or link to a malware-infected site.
• Disable Macros. Macros are lines of code embedded within a document that help speed up repetitive processes. Unfortunately, hackers sometimes use Macros to introduce malicious code to a victim’s computer. If you receive a document from an unfamiliar source don’t ‘enable macros’ to view it.
• Don’t pay straight away! If you do suffer a ransomware attack consult a cybersecurity expert on your best course of action. If your backup is robust enough you may be able to restore your files sufficiently to avoid paying the fee. Take advice and avoid paying if you can, as paying the fee is no guarantee that you’ll regain file access and could even result in an increased risk of future attacks.

Where do I begin?

The UK government is currently in the process of rolling out funding to help businesses make efficiency changes as part of its economic response to the Covid-19 pandemic.

These grants of up to £5000 could help you embrace technological change, in order to improve efficiency, resilience and ensure your business is able to sail through these turbulent times relatively unscathed.  This funding could help you invest in productivity-boosting new tech, migrate systems to the cloud and ensure your team are adequately trained and supported in the use of any new technology.

At Netcom, we are well-versed in helping companies in various sectors navigate the often mystifying, jargon-filled worlds of IT.  With over 15 years’ experience and covering virtually all aspects of business IT, we can help guide your business through this uncertain period and help you deploy cutting edge solutions that will not only help you weather the current storm but keep your business at the top of its game beyond the pandemic.

So for guidance on Government funding, IT strategy and digital transformation why not book a free, no-obligation discovery call today by calling 0114 361 0062.