BotNet News

Ransomware is a form of malware that encrypts files on individual computers and entire networks. Attackers then hold data hostage until victims pay a fee to regain access. The threat is especially serious for organizations of all sizes. When a company’s critical data is held for ransom, the impact can be financially devastating and reputational damaging.

The first known ransomware attack occurred in 1989 when a Trojan Horse virus hiding in AIDS research software was sent through floppy disks. That malware locked AIDS patients’ computer screens and demanded USD 189 to reopen them. Since then, cybercriminals have developed ransomware as a business model and expanded its scope of attacks.

Most ransomware variants gain access to a system by exploiting flaws and software vulnerabilities. They then hunt secretly for target systems, such as a corporate network with remote logins or internet-facing servers. Once they gain a foothold, they may encrypt file contents or even wipe Windows System Restore and backup copies. Those who can’t afford to pay the demanded ransom may be forced to shut down their operations and lose sales or revenue.

The best way to protect against ransomware is to prevent it from getting into a corporate system in the first place. Train employees with ongoing, mandatory cybersecurity awareness training to teach them how to spot suspicious attachments in emails and verify the sender’s identity before opening any file or clicking a link. In addition, create a robust incident response plan modeled after NIST’s cybersecurity incident response lifecycle.