What is ransomware?
Ransomware is malicious software that infiltrates an organization and that hackers use to extort money from victims. Ransomware holds the victim’s data hostage by encrypting it, and the hackers don’t release that data until a sum of money is paid to them. Ransomware has been around for a long time, but the number of incidents has risen since the pandemic started in 2020. Now, hackers are preying on the vulnerabilities of both people and organizations and using fear to increase the success of their ransomware campaigns.
How does ransomware happen?
Ransomware often arrives through phishing emails or through drive-by downloads. With phishing emails, hackers send individuals and companies emails asking them to click a link or download a file. Once the user does this, the hacker can infiltrate their device, access their data and hold it for ransom. A drive-by download occurs when a user visits a malware-infected site and malware is downloaded without their knowledge. With drive-by downloads, users don’t have to give permission for the malware to be downloaded. It happens automatically just by visiting the site, and the hacker can gain access to their data.
The hackers hold vital data like personal and business information hostage until the user agrees to pay them a certain amount of money. Hackers often demand ransomware payments in cryptocurrency so the payment can’t be tracked back to them. Depending on the size of the company hacked, the ransom demanded can vary significantly. If a substantial organization like a Fortune 500 company or a government institution is breached, hackers can demand 6 or 7 figures for the victims to get their data back.
What are some best practices to prevent ransomware?
Companies have to educate their employees about ransomware and the consequences it can have on their business. Some of the best practices for employees to prevent ransomware include:
Not clicking on suspicious links or downloading files: Many organizations have internal security measures like firewalls or notifications when employees receive an external email from someone they don’t recognize. It’s extremely rare that someone who works with a company will include a link or attachment in the first email they send to that company. As a rule of thumb, employees should double-check the email address of the sender and make sure they report any phishing emails to the company. Annual training such as phishing simulations can greatly reduce the chances of employees falling prey to ransomware.
No-blame culture: Employees who suspect they have done something that could compromise security, like downloading a file or clicking on a suspicious link, will often keep quiet until the damage is done, because speaking up about what occurred may cost them their job or something similar. Instituting a no-blame culture allows for more transparency within a company and lets the company react better to any incidents. Setting up an anonymous cybersecurity hotline can be an innovative way to significantly improve a company’s reaction to breaches.
Implementing strong spam filters: Organizations should assume the worst possible actions from employees and engineer their security protocol from that lens. By preventing spam emails from reaching employees in the first place, organizations don’t have to rely on the judgement of their employees. Establishing strong spam filters for an organization is one of the best ways to prevent ransomware. This increases malware detection significantly while protecting the organization’s and employees’ data.
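The "external sender" notification and the first-contact rule of thumb above can be turned into a simple mail-gateway check. This is an added example, not code from the original article or from any product: it assumes a constructed internal domain (example.com), a set of senders the organization has already exchanged mail with, and a few constructed sample emails, and it decides whether to deliver a message, prepend a warning banner, or hold it for review.

```python
import re
from dataclasses import dataclass, field

# Constructed values for this example; a real gateway would read them from config.
INTERNAL_DOMAIN = "example.com"
URL_RE = re.compile(r"https?://[^\s<>\"]+", re.IGNORECASE)


@dataclass
class Email:
    sender: str                       # From address, e.g. "vendor@partner.net"
    subject: str
    body: str
    attachments: list[str] = field(default_factory=list)


def sender_domain(address: str) -> str:
    return address.rsplit("@", 1)[-1].lower()


def assess(email: Email, known_senders: set[str]) -> tuple[str, list[str]]:
    """Return (verdict, reasons).

    "deliver"    - internal mail, passed through unchanged
    "banner"     - external mail, prepend an 'external sender' warning
    "quarantine" - first message from an unknown external sender that already
                   carries a link or an attachment; hold it for review
    """
    reasons: list[str] = []
    if sender_domain(email.sender) == INTERNAL_DOMAIN:
        return "deliver", reasons
    reasons.append("external sender")

    first_contact = email.sender.lower() not in known_senders
    has_link = URL_RE.search(email.body) is not None
    has_attachment = len(email.attachments) > 0
    if first_contact:
        reasons.append("first email from this sender")
    if has_link:
        reasons.append("body contains a link")
    if has_attachment:
        reasons.append("carries attachment(s): " + ", ".join(email.attachments))

    if first_contact and (has_link or has_attachment):
        return "quarantine", reasons
    return "banner", reasons


def process(email: Email, known_senders: set[str]) -> str:
    """Apply the verdict and remember senders whose mail was actually delivered."""
    verdict, _ = assess(email, known_senders)
    if verdict != "quarantine":
        known_senders.add(email.sender.lower())   # later mail is no longer first contact
    return verdict
```

Once a sender has been delivered, a later message with a link only gets the banner, which mirrors the rule that the first email from an unknown party should not carry links or attachments.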
To learn more about how you can protect your company from ransomware, get a free assessment here.