Ransomware is defined as a term for the many variations of malware that infect computer systems, typically by social engineering schemes.
Ransomware sometimes marks the files for permanent deletion or publication on the internet. The perpetrators then demand a payment (usually in untraceable cryptocurrency like Bitcoin) for the private key required to decrypt and access the files. Infamous ransomware examples include CryptoLocker, CryptoWall, Locky, Cerber, KeyRanger, SamSam, TeslaCrypt, TorrentLocker, and Reveton.
Ransomware perpetrators cast a wide net. They target small to medium-sized businesses with I.T. security loopholes, valuable data, and a modest budget to pay the ransom.
To get into your systems, they may send a phishing email to your staff. It has been proven that 94% of people can’t distinguish between a real email and a phishing email. Attackers only need one person within your organization to click on a link or open a malicious attachment.
Ransomware cybercriminals are organized and profitable. It is estimated that this type of attack earns criminals $10 million to $50 million per month. There are entire ransomware outfits working out of office buildings, making the stealthy and disruptive pieces of malicious software, and designing deceptively simple schemes to infiltrate small to medium-sized businesses.
The criminals are business-minded innovators. Recently, a Ransomware-as-a-Service organized cybercrime ring was discovered, which infected around 150,000 victims in 201 countries in July 2016; splitting profits 40% to malware authors and 60% to those who discover new targets.
The overhead is low, the profits are high, the Bitcoin is anonymous, the list of targets is endless, the technology is not overly complicated, and the odds of getting caught are low. Ransomware perpetrators are sophisticated, profit-hungry, cyber criminals on the lookout for unsuspecting small and medium businesses to violate.
A ransomware prevention program teaches your staff and users about the dangers of social engineering, phishing, and explains good security practices about email attachments. However, even the most educated staff members are not immune to human error. Education, on its own, is not adequate ransomware protection, but it’s a good start.
The second layer of ransomware defense is a multi-layered anti-virus solution. If a malicious link is clicked, a multi-layered anti-virus solution will often save the system from a full-blown infection. However, new strains of ransomware are being created at a rate higher than antivirus can protect against them, so eventually, the probability that an infection will succeed, is high.
A data protection solution provides the ultimate failsafe in a layered defense strategy. It will take snapshots of your data and systems and store them in a secure location. If you fall victim to ransomware, you can simply ‘turn back the clock’ to a snapshot before the attack happened.