BotNet News

Your source for Online Security News

Ransomware

A ransomware attack can paralyze an organization – and cost it millions. With high-profile attacks grabbing headlines on a daily basis, how are companies responding?

Ransomware is a type of malware that hijacks your computers and locks down critical systems, files, and even data backups. The attackers then demand a payment in exchange for the decryption keys needed to access your files. Depending on the type of crypto-ransomware you’re dealing with, attackers may also put a time limit on decryption.

Small and medium-sized businesses (SMBs) are a popular target for cyber criminals because they typically have poor cybersecurity and falsely believe that they’re too small to be targeted. Additionally, they are more likely to pay a ransom than large organizations. Public institutions are another attractive target because they usually have irreplaceable data that makes them more willing to pay quickly.

Attackers gain entry to a network through known vulnerabilities in software programs, often as a result of one user clicking on an email attachment or leaving a flaw-ridden application exposed to the Internet. In fact, Unit 42 found that 48% of ransomware cases begin with a vulnerability exploit.

Once an attack begins, it can be very difficult to contain and stop. For this reason, you need to have a robust and comprehensive incident response plan in place. First and foremost, you need to have a secure backup system in place. Backups should be regularly updated, and they should never be stored on the same networks that are infected by ransomware, as this can corrupt them. Next, you need to report the ransomware attack to law enforcement immediately. Not only does this help to ensure that the criminals are brought to justice, but it can also unlock a variety of tools and resources that you don’t have access to.