BotNet News

Ransomware is a major cyberattack that threatens businesses in the short term and in the long term. Putting systems offline for any amount of time is bad for business, but the longer it takes to re-establish full functionality the bigger the financial hit. The damage may go beyond the bottom line, if customers are turned off and no longer want to do business with an organisation that was attacked.

A victim of a ransomware attack typically receives a message explaining that their files are encrypted, and that they can only be decrypted with a key that only the attacker holds. The victim is then prompted to send an untraceable Bitcoin payment to the attackers in exchange for the decryption key. The most common type of ransomware encrypts all the data on a computer, making it inaccessible, while other variants may only encrypt certain types of file.

Ransomware attackers are motivated by money, and they are quick to realise that a successful attack can cause huge disruptions to businesses, resulting in large payments. The criminals also know that many companies would rather not report an infection to law enforcement for fear of brand damage, legal implications and negative press.

Home users are often the main targets of ransomware attacks, as they typically don’t have backups of their data and fail to invest in the need-to-have cybersecurity solutions or keep them up to date (even after security specialists nag them). Smaller organisations are also attractive targets, as they may have less robust cybersecurity protection in place and have more vulnerabilities that can be exploited.