Ransomware: how to keep your business protected

Cybercrime is now big business and ransomware attacks have risen in prominence and frequency, targeting businesses of all sizes, all over the world.

In fact, ransomware has become the single largest threat to organisations globally: a company is hit by ransomware every 40 seconds.  While media headlines talk about how organisations like the NHS and Telefonica are being hit, cybercriminals aren't solely focusing on large organisations; businesses of all sizes and in all sectors are being targeted.

What Exactly Is Ransomware?

Ransom malware, or ransomware, is a type of malware that prevents users from accessing their system or personal files and demands ransom payment in order to regain access. The earliest variants of ransomware were developed in the late 1980s, and payment was to be sent via snail mail. Today, ransomware authors order that payment be sent via cryptocurrency or credit card.

How Do You Get Ransomware?

There are several different ways that ransomware can infect your computer. One of the most common methods today is through malicious spam, or malspam, which is unsolicited email that is used to deliver malware. The email might include booby-trapped attachments, such as PDFs or Word documents. It might also contain links to malicious websites.

Malspam uses social engineering in order to trick people into opening attachments or clicking on links by appearing as legitimate—whether that’s by seeming to be from a trusted institution or a friend.

Another popular infection method, which reached its peak in 2016, is ‘malvertising’.  Malicious advertising, is the use of online advertising to distribute malware with little to no user interaction required. While browsing the web, even legitimate sites, users can be directed to criminal servers without ever clicking on an ad. These servers catalog details about victim computers and their locations, and then select the malware best suited to deliver. Often, that malware is ransomware.

Malvertising often uses an infected iframe, or invisible webpage element, to do its work. The iframe redirects to an exploit landing page, and malicious code attacks the system from the landing page via exploit kit. All this happens without the user’s knowledge, which is why it’s often referred to as a drive-by-download.

Could Your Company Be A Target?

When ransomware was introduced (and then re-introduced), its initial victims were individual systems (aka regular people). However, cybercriminals began to realize its full potential when they rolled out ransomware to businesses. Ransomware was so successful against businesses, halting productivity and resulting in lost data and revenue, that its authors turned most of their attacks toward them.

How To Protect Yourself From Ransomware

The safest and most efficient way to protect your business information from being held ransom is to ensure that you have an effective and strong disaster recovery plan. Continual backups are essential to ensure that the least amount of data is lost and up-to-date anti-virus, to protect your business from attack.

What To Do If You’re Infected

If you think you have been a victim of a ransomware attack, don’t panic and don’t pay the ransom! Companies are panicking and paying the ransom which is only going to encourage hackers to continue attacking businesses like yourself. The first thing you should do is contact a professional as there is always the option to decrypt your data.

NCC IT Services have years of experience helping customers recover encrypted data and creating a disaster recovery plan to ensure the safety of their business information. We provide a free no strings attached consultation, contact a member of our team today on 028 3026 5600 or email info@nccits.com to find out more about the services we provide.