Ransomware is one of, if not THE, greatest threats facing small-to-midsize businesses today, and as ransomware continues to wreak havoc and catch headlines, it’s no wonder that IT teams are doubling down on protection against these debilitating attacks.
Ransomware is a type of advanced malware attack that takes hold of a device, either locking the user out entirely or encrypting files so they cannot be used. This type of malware can infect your device in a variety of ways.
Whether downloaded from a malicious or compromised website, delivered as an attachment in a phishing email or dropped by exploit kits onto vulnerable systems, once executed the ransomware will either lock the computer or encrypt predetermined files. The attacker will then make themselves known with an “official” ransom demand, as well as thorough instructions and timelines on how to make a payment to regain your assets.
One of the most common methods of delivering ransomware is through a phishing email attack. These targeted emails are often written in a way that the unsuspecting users would never know that it wasn’t from a legitimate sender. They often contain a malicious link or download that grants the hacker passage to not just this device, but opens the door to your entire organization.
Spear-phishing is a more sophisticated targeted attempt to steal sensitive information from a specific victim for malicious reasons. This is achieved by acquiring personal details on the victim such as their friends, hometown, employer, locations they frequent, and what they have recently bought online.
The attackers then disguise themselves as a trustworthy friend or entity to acquire sensitive information, typically through email or other online messaging. This is the most successful form of acquiring confidential information on the internet, accounting for 91% of attacks.
Email is the #1 ransomware delivery method
And the associated costs are soaring – the ransom demands (should you choose to pay) have increased from $294 in 2015 to an estimated average of $13,000 per attack in 2019. And there are no guarantees that paying the ransom will result in you regaining access to your files.
It’s agreed by all security experts that prevention is the best cure … there are commonsense measures that you should be sure you & your staff are aware of.