What Your Company Can Do About Ransomware

By School of Professional Advancement | Date Monday, Aug 27th, 2018


You’re at work, about to wrap up an important project when a message pops up on your screen. It’s a “ransom note.” In exchange for access to your company’s files, which have now been encrypted, you must pay a sum of money to an unknown hacker. Your company has been the victim of ransomware.

Although ransomware has been around for decades, it has become an increasing menace over the past few years. It is now harder to detect, easier to produce, and quite lucrative for hackers if companies or individuals are willing to pay up. In one of the worst cyberattacks of 2017, the ransomware WannaCry affected more than 300,000 computers in more than 150 companies, crippling hospitals, banks and businesses around the world.

Types of Ransomware

Ransomware can be packaged in a variety of forms, but typically work similarly: malicious software is deployed on your computer that then holds your files hostage until a ransom is paid. Below are some of the most common variants of ransomware:

Lockers

This type of ransomware will prevent you from logging onto your computer until you have paid for a key to unlock the system. A great example of this is Petya, which encrypts entire computer systems and keeps them from being rebooted.

Crypto

Also known as encryptors, this is the most common type of ransomware. Like WannaCry in 2017, crypto ransomware will encrypt your files and demand a ransom in exchange for access. In certain cases, the ransom increases if not paid by a specific deadline.

Scareware

As implied by the name, this type of ransomware uses scare tactics to elicit payment from the victim. Spider, a ransomware that was primarily distributed across Europe, was hidden in Microsoft Word documents that were made to look like debt collection notices. When the right macros were enabled, the ransomware would encrypt files.

Ransomware is also frequently disguised in emails, a medium that makes the malicious software easy to spread. One of the most famous strains of this kind of ransomware is Locky, which is sent to the victim as an invoice that, once opened, instructs the reader to enable macros that will start to encrypt their files.

Preventing an Attack

Cybersecurity research firm Cybersecurity Ventures predicts that ransomware will cost businesses $11.5 billion by 2019 *, up from $5 billion in 2017. Even if you think your company is safe from an attack, it’s important for anyone in a cybersecurity job to take preventative measures so you do not leave your business vulnerable. Below are a few steps you can take to ramp up your security:

Backup your data.

If your system is affected, you will still have a copy of your files. This not only protects your data, but it also saves your company from having to pay a hefty ransom. Some experts recommend you backup your data to the cloud, however, the cloud can be vulnerable to ransomware as well. Your best option is to save your data on an external storage device – just make sure it’s not attached to a computer that could potentially become infected.

Update your system.

This not only includes your company’s security software, but the operating system as well. Outdated software can be more vulnerable to attack, as witnessed with WannaCry, which infiltrated computers through a Microsoft Windows vulnerability that has since been fixed with a patch. Apple devices aren’t safe either – KeRanger is known as the first ransomware that can lock Mac OS X apps.

Test for vulnerabilities.

Have your IT or cybersecurity team test for any areas that may be open to an attack.

Don’t open suspicious emails or attachments.

It may sound obvious, but if it looks suspicious or unfamiliar, it probably is. Create an awareness campaign so your team and everyone in your organization know what signs to look for, and how to report potentially infected emails that may be sent to the company.

Limit users.

Only give certain privileges to those who need them. Leave administrative access with the IT team and make sure your team members can only access what they need to access.

How many of these protections do you already have in place? If you’re an IT expert ready to learn the information security skills to become a leader, take a look at the new online Master of Professional Studies in Cybersecurity Management offered at the Tulane School of Professional Advancement. Fill out the contact form now for more information.

* https://cybersecurityventures.com/ransomware-damage-report-2017-5-billion/