The threat of Ransomware

7 June 2017

A very topical subject at the moment and from an online payday lender's perspective a very serious one. Ransomware attacks have become increasingly common and affect all kinds of organisations and industries across the globe.

What is Ransomware?

Many programs have been developed which are very effective in helping those people who use different programs to work. Many companies are dependent on such software. Normally this software is developed with the intention of creating a program which can be helpful for people to work by improving the efficiency. But it can also be used negatively. Ransomware is one such negative use. They are actually those programs which are created by the people to create problems in the use of computers. When these programs are opened, it locks the system, and the user will be unable to perform many important tasks. The perpetrators then ask the user to pay a certain amount of money (ransom) if they ever want to recover their files again. Ransom prices vary depending on the ransomware variant and the price or exchange rates of digital currencies. Thanks to the perceived anonymity offered by cryptocurrencies, Ransomware operators commonly specify ransom payments using this medium. Recent Ransomware variants have also listed alternative payment options such as gift cards.


Ransomware attack

Ransomware facts

To put some context to the threat of Ransomware, consider the facts below based on data compiled by the Computer Crime and Intellectual Property Section of the U.S. Department of Justice:

  • In the U.S alone, more than 4,000 Ransomware attacks have occurred every day since the beginning of 2016. That's a 300% increase over 2015, where 1,000 Ransomware attacks were seen per day
  • 78% of people claim to be aware of the risks of unknown links in emails. And yet they click anyway.
  • Nearly 50% of U.S. organisations have been hit with Ransomware
  • 52% of organisations that suffered successful cyber-attacks in 2016 aren't making any changes to their security in 2017
  • Less than half of Ransomware victims fully recover their data, even with backup
  • The average ransom demand is now $679

What a Ransomware attack looks like

Ransomware is usually sent by along with spam e-mails. The e-mail which actually is spam is sent to the people with a catchy subject line and due to this, people may open the e-mail. Now if the e-mail is opened the Ransomware will enter into a person's computer system. Ransomware is attached to such e-mails which have a higher open rate. The statement in the subject line may be an attractive job offer or something like that which tricks an individual to open the malicious e-mail.

However, this is not the only way that Ransomware 'payloads' can be inserted into an operating system, for example delivery can be by remote access and remote-control applications. If you can’t avoid using such applications, and let’s face it sometimes you need to use a USB stick or connect to a device via Bluetooth, then make sure you deploy strong passwords and if possible use two-factor authentication. Also ensure that you are using the most up-to-date version of the application.

Impact of Ransomware on data protection

Ransomware and malicious cyberattacks can wreak havoc on data availability. Businesses and private PC owners that aren't properly backing up data can find themselves paying threatening ransom payments in an attempt to get their data back. Despite there being many different flavours of Ransomware, they all essentially prevent normal use of your device and will instruct you to do something (usually make a payment) to release or unlock your PC.

Cyber-criminals can target any device, whether it's a home computer, endpoints in an enterprise network, or servers used by a government agency or health care provider. A Ransomware attack can:

  • Prevent you from booting your device or starting your operating system
  • Encrypt your files so you can't use them
  • Stop certain apps, for example, your web browser from running

Ransomware will demand that you pay money (a 'ransom') to get access to your PC or files. They might even ask you to complete surveys. Bear in mind that just because you pay-up, returning to the status quo might never be achieved. It can be incredibly difficult to restore your data after an attack.

Prevention rather than a cure

It is very important that you protect your computer from Ransomware. The Ransomware will affect the performance of your system. It will not let your computer to work at its normal pace. Its accuracy and efficiency may also be affected. Protecting your computer from Ransomware is crucial. There are many small steps you should take to protect your system from Ransomware. You must install firewalls to protect it from Ransomware. You must also be choosy about the e-mails you open. The spam e-mails are the primary tool used by the hackers to spread malicious software like Ransomware. Normally the open rate of the spam e-mails is not very high, given the easy-to-spot features in a spam email, such as spelling mistakes and lack of an unsubscribe link but unfortunately some do get opened. To avoid, you must maintain vigilance and have a healthy dose of scepticism about the emails you receive. Listed below are other things you can do to prevent your system from cyberattacks such as Ransomware:

Make sure to store important data in multiple places or better still backed-up to a cloud facility. This way if one device is compromised you can afford to 'burn it'.

Do not let a cloud back-up get out of control. Ideally open them only once a day, to sync your data, and close them once this is done. Make sure to choose a robust password and avoid writing that password down.

Update your operating system and the software you use. Make sure they are up to date, including the latest security updates. Try signing in with a guest account on your PC from time to time instead of as an administrator. This gives limited privileges.

Turn off macros in applications and remove plugins from your browsers. Adjust your browser's security and privacy settings for increased protection. Remove outdated plugins and add-ons from your browsers. Only keep the ones you use on a daily basis and make sure they are updated to the latest version.

If it's too good to be true it usually is. Use an ad-blocker to avoid the threat of potentially malicious ads. Never open spam emails or emails from unknown senders. Never download attachments from spam emails or suspicious emails. Never click links in spam emails or suspicious emails. If the email is not from a trusted source, don't open it.

Use a reliable, paid antivirus product that includes an automatic update module and a real-time scanner.


What to do after a Ransomware attack

Once your computers have been cleaned from a Ransomware, ensure that you carry out a detailed scan of your systems and network. Make sure your backup system is in place, and it is working. Back-up all your data daily and keep a back-up of the back-up. This may seem stressful, but it is effective in ensuring that you do not lose data in the future. Test your back-ups regularly to ensure that the data stored on it can be recovered in case of an attack. Employ the services of professionals who can provide a Ransomware clean-up of your systems. Install trusted and paid anti-malware security on your system. Sometimes these may not detect Ransomware, but they still go a long way in protecting your system.

Summary

Cyber-crime is on the up. We all need to be vigilant at all times and maintain a healthy dose of scepticism about adverts, offers or incentives. Ultimately total protection is impossible but with some simple steps you can go a long way to protecting yourself, your business and your wallet.