Ransomware – What is Ransomware and How Does it Affect Your Organization?
Ransomware is a type of malware that encrypts a user’s files or data and asks for payment in exchange for decryption. The attack typically begins with a malicious attachment or website that lures the victim into visiting, downloading or opening it. Once the malware has entered the computer, it begins encrypting files and folders on local drives, attached storage devices and backup drives. Generally, the victim is not aware they are infected until they can no longer access their data and start to see computer messages telling them that the attacker has taken over their system and will not return it until a ransom is paid.
The victim is told to send the ransom in Bitcoin, a virtual currency, because it provides them with an untraceable method of payment for the decryption key that will unlock their data. Once the ransom is paid, the attackers usually remove their malware and the victim receives a decryption key to recover their files or data. The decryption key may work, but if the files were corrupted during the encryption process, they will remain encrypted forever.
Ransomware attacks continue to increase in complexity and frequency, with the majority of ransomware incidents involving organizations. As a result, these attacks have caused tremendous losses in business productivity, revenue and customer trust. Organizations can take steps to prevent ransomware, such as patching operating systems, software and digital devices on a regular basis and keeping employees well-versed in how to identify malspam, suspicious websites and other common scams.