Ransomware is all the rage—and not in a good way. Cybersecurity experts are calling these virtual attacks an ‘epidemic’ of epic proportions.
In fact, its exponential growth over the past few years has left individuals, companies, and industries feeling both enraged and powerless.
Why? Well, because the only protection against ransomware is caution.
Ransomware is a type of malware (malicious software) that, once installed, locks and encrypts a user’s files until that user pays a ransom to recover and decrypt the files. The ransom is often paid in an internet currency known as ‘bitcoin’. Hackers prefer bitcoin transactions for their ease and anonymity (these transactions are nearly untraceable).
A common method is mass-collecting email addresses from the company’s domain name, identifying the top executives of the company using LinkedIn or Facebook, creating a fake email address under one of those executives’ names and sending a ransomware-laced email to a lower-level employee with a subject line reading “Invoice” or something else that looks as if it demands attention. (Newsweek)
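A mail filter can look for the pattern described above: an executive's name on a sender address outside the company's domain, paired with a subject line that demands attention. The following sketch is an added example, not part of the original article; the company domain, executive names, keyword list, and sample messages are all constructed for illustration.

```python
from email import message_from_string, policy

# Assumed values for this sketch; replace with your own directory data.
COMPANY_DOMAIN = "example.com"
EXECUTIVES = {"jane doe", "john smith"}
ATTENTION_WORDS = ("invoice", "payment", "overdue")


def normalize(name):
    """Lower-case a display name, turning 'Doe, Jane' into 'jane doe'."""
    if "," in name:
        last, _, first = name.partition(",")
        name = f"{first} {last}"
    return " ".join(name.lower().split())


def classify(raw_message):
    """Return 'quarantine', 'warn' or 'deliver' for one raw message."""
    msg = message_from_string(raw_message, policy=policy.default)
    sender = msg["From"]
    addresses = sender.addresses if sender is not None else ()
    # Signal 1: an executive's name attached to an outside address.
    impersonation = any(
        normalize(a.display_name) in EXECUTIVES
        and a.domain.lower() != COMPANY_DOMAIN
        for a in addresses
    )
    # Signal 2: a subject line written to look urgent.
    subject = (msg["Subject"] or "").lower()
    urgent = any(word in subject for word in ATTENTION_WORDS)
    if impersonation and urgent:
        return "quarantine"
    if impersonation:
        return "warn"
    # A From header on the company domain can still be forged; that case
    # is for SPF/DKIM/DMARC checks, which this sketch does not perform.
    return "deliver"


# Constructed sample messages.
SPOOFED = ("From: Jane Doe <jane.doe.ceo@example.net>\n"
           "To: clerk@example.com\nSubject: Invoice\n\nSee attachment.\n")
INTERNAL = ("From: Jane Doe <jane.doe@example.com>\n"
            "To: clerk@example.com\nSubject: Invoice\n\nQ3 numbers.\n")
REVERSED = ('From: "Doe, Jane" <jd@example.org>\n'
            "To: clerk@example.com\nSubject: Lunch\n\nFree at noon?\n")

if __name__ == "__main__":
    for sample in (SPOOFED, INTERNAL, REVERSED):
        print(classify(sample))
```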
Ransomware ranges in severity, from malware that only targets a select group or folder of files to a program that encrypts entire hard drives, rendering the computer inoperative. Further, this encryption is far from basic—it’s military grade.
And in worst-case scenarios, the installed or downloaded malware has been so effective that hackers are unable to decrypt the files, post-payment.
The short answer: everyone. The malware that initially targeted high-profile targets has expanded its focus to target anyone and everyone, including individual users, restaurants, and police departments.
Naturally, high-profile targets are those businesses and industries with Big Data. Those with a lot of information have a lot to lose, both in terms of data and capital. High-profile targets include healthcare (especially hospitals), education (especially universities), technology, and the government.
When this Los Angeles hospital was attacked by ransomware, it was forced to send its patients to other hospitals, not only causing chaos among hospital staff but also disrupting the medical care of thousands of patients. While no critical information was compromised, the hospital was forced to pay 40 bitcoin to the hacker – equivalent to almost $17,000.
When the government shut down in 2013, it was due to congressional gridlock. However, rampant ransomware could cause a government shutdown again. For a major legislative body, lost access to important files (e.g. bills, memos, emails, and employee records) could “stall legislation more effectively than party infighting or filibuster.” Yikes.
These cyber assaults are virtual, but their impact is very real. Ransomware has the potential to disrupt daily order and sow desperation in nearly every industry.
Guarding your data against ransomware is an exercise in preventative maintenance. Ransomware is so scary because “once you get hit, there’s nothing that can be done,” says CBL Data Recovery.
CBL Data Recovery has recently observed an uptick in calls related to ransomware, most of them from individual users (low-profile targets) who accidentally clicked on a phishy link or attachment.
Here are a number of smart security techniques that may help you protect yourself (and your files) from ransomware:
Overall, just think before you click!