What is ransomware?
Ransomware is a malicious software (‘malware’) created by cybercriminals that encrypts (locks down) your computer or mobile device until you pay a ransom. It is a very successful way of generating money for criminals, adding up to billions of pounds each year. Anybody can fall prey to ransomware; businesses both large and small get attacked.
Do back-ups stop ransomware?
There is a growing trend in ransomware that is perhaps worse than encryption, where the cybercriminals will extract (exfiltrate) confidential business information and client data. They then threaten to release it onto the dark web if you don’t pay the ransom. If this is sensitive confidential information, your reputation is in ruins. So even if you recover your data from a secure backup, the criminals still hold a copy of your data. They can still release it to prove to your clients that you’ve been hacked or sell the data for more money.
How does ransomware work?
The hackers get in via various routes. These are areas in your system that have vulnerabilities or holes, and once in, they freeze all your assets (files, folders, data, emails, financial records, confidential personal and business information – everything and anything they can get their hands on, including potentially any backups you’ve made) by encrypting it and exfiltrating it. This makes your system useless to you and grinds your business to a halt. Once locked down, the ransomware then displays a warning screen with instructions on how to unlock the files and retrieve your stolen data. The message includes instructions on how to pay the ransom using bitcoins, or other electronic currency, to a specified account. The criminals will set deadlines and, if the victim doesn’t follow these instructions, the ransom fee doubles!
Prevention is the best medicine when it comes to ransomware. Follow our 10 steps to ransomware resilience or get in touch if you need any help.