Ransomware is a form of malware that tricks users into allowing powerful encryption software onto their workstation. This happens when a user opens a seemingly innocuous email attachment received from a known sender. The attachment may appear to be a graph or chart, but it is typically dismissed as a “sender error” and the email is closed or deleted; the user typically forgets about it. However, something did happen. In addition to the graph or chart, the attachment also released a powerful encryption routine, essentially a virus, that works its way through as many of that user’s files as it can (hundreds, even thousands), encrypting (scrambling) their data and rendering the files unreadable without a password, or key.
The ransomware will then leave a note on the desktop with instructions to pay a ransom for the decryption key.
Ransomware uses very powerful encryption technology. Breaking the ransomware’s encryption would take a government-sized institution an unreasonable amount of time. It is simply easier for an affected business to pay the ransom.
The message often threatens to raise the ransom amount if it is not paid by a deadline. It may also demand that the target transfer the ransom money to a pre-paid account or through Bitcoin so that the ransom cannot be tracked back to the hacker.
Prevention is the best way to stop ransomware from costing your business lost data, money, and time.
To avoid a potential ransomware disaster:
- Frequent back-ups of all files to an offline source should be made.
- Staff should routinely be reminded to be wary of vague emails, phone texts and social media messages with unfamiliar links and unsolicited file attachments.
- The latest patches for each computer’s operating system and antivirus software should be applied.
- Ad and pop-up blockers can be added to network web browsers.
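A backup only helps if it still holds readable files, so a backup job can check for the mass scrambling described above before it overwrites the last good copy. The following Python sketch is an added example, not part of the original article: the function names, the 7.5 bits-per-byte entropy threshold and the 50% change limit are assumptions chosen for illustration, and the sample files are constructed.

```python
import hashlib, math, os, tempfile
from collections import Counter

ENTROPY_LIMIT = 7.5  # bits/byte; assumed threshold (encrypted data sits near 8.0)
CHANGE_LIMIT = 0.5   # assumed: hold the backup if over half the known files are affected

def entropy(data):
    """Shannon entropy in bits per byte; 0.0 for empty input."""
    if not data:
        return 0.0
    return -sum(c / len(data) * math.log2(c / len(data)) for c in Counter(data).values())

def snapshot(root):
    """Map relative path -> (SHA-256 hex digest, entropy of the first 64 KiB)."""
    snap = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                data = fh.read()
            snap[os.path.relpath(path, root)] = (hashlib.sha256(data).hexdigest(), entropy(data[:65536]))
    return snap

def safe_to_back_up(previous, current):
    """Return (ok, suspects): suspects are new or modified files that look like random data.
    Renamed-and-encrypted files are caught too, because their content hash is new.
    Compressed formats are also high-entropy, but rarely change in bulk between runs."""
    known = {digest for digest, _ in previous.values()}
    suspects = sorted(rel for rel, (digest, ent) in current.items()
                      if digest not in known and ent > ENTROPY_LIMIT)
    ok = not previous or len(suspects) / len(previous) <= CHANGE_LIMIT
    return ok, suspects

def demo():
    """Constructed sample: ten text files, one normal edit, then a simulated mass overwrite."""
    with tempfile.TemporaryDirectory() as root:
        for i in range(10):
            with open(os.path.join(root, f"report{i}.txt"), "w") as fh:
                fh.write(f"Quarterly figures for department {i}\n" * 50)
        baseline = snapshot(root)
        with open(os.path.join(root, "report0.txt"), "a") as fh:
            fh.write("One ordinary edit by a user\n")
        normal = safe_to_back_up(baseline, snapshot(root))
        for i in range(8):  # random bytes stand in for encrypted content
            with open(os.path.join(root, f"report{i}.txt"), "wb") as fh:
                fh.write(os.urandom(4096))
        return normal, safe_to_back_up(baseline, snapshot(root))

if __name__ == "__main__":
    print(demo())
```

When the check fails, the backup job should stop and keep the previous offline copy untouched until someone has looked at the flagged files.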