An Increasing Malware Threat: Ransomware

What is Ransomware?

Ransomware is a type of malware that blocks access to the infected system, demanding that the user pay a ransom before the block is removed.  Many businesses are under attack by a form of ransomware that encrypts files on a computer’s hard drive, which then becomes impossible to decrypt without paying the attacker the ransom for the decryption key.

How severe is the threat?

Extremely severe.  New reports of ransomware attacks are documented every day with businesses of all sizes at risk.  These businesses include police departments, schools, and even hospitals.  One reported hospital, Kings Daughter Health, is close to home in Madison, Indiana.

The ransom payment would not be the only loss in a ransomware attack.  There would also be a probable loss from user downtime, especially if the computer is locked for days while the problem is addressed.

Even if the ransom is paid and the system is unlocked, the system that was infected should be wiped and reloaded as a precautionary measure.  This means that no matter what happens, the business will likely undergo downtime.

How does a system get infected?

Generally, ransomware attacks are generated through phishing emails.  The user opens an email that seems innocent but when the attachment is opened, a malware is downloaded.

No matter the scans or filters that may be in place to protect user email, there are always cyber criminals developing ways to get by these filters.

How to protect your customers

Due to the constant threat of ransomware attacks, it is recommended to take the prevention steps below:

  • Be sure you have file backups. If you do not have a backup in place, arrange a solution immediately.  We recommend Core Managed Managed Cloud Backup which provides seamless and secure backup of data to the cloud.
  • Educate end users about phishing and ransomware. Users should know how to identify suspicious emails that may infect their systems.
  • Create a containment strategy. Ransomware can spread from one user to another, so there should be steps to prevent an outbreak.
  • Organize a business continuity plan. There options that permit business continuity during a ransomware outbreak.