If you exist in the digital world, then you’ve probably heard of the term ‘Phishing’ but you might not be so familiar with Ransomware or the dangers associated with it. Would you know to unplug or how to prevent a Ransomware attack? If not, read our blog to find out everything you need to know about Phishing’s ugly Cousin-Ransomware.
What is a Ransomware virus?
Ransomware is malicious software that blocks you from accessing your files. It holds your PC, system or files for ransom. Ransomware, like any other malware, can be downloaded without authorisation just by clicking on an attractive link. There are different types of Ransomware but all of them have the same purpose: holding your important files hostage until you pay a ransom.
These demands can be for money or even for something as simple as making you fill out a survey. Cybercriminals will target you in your workplace and hold financial or sensitive information for ransom. They can also target you in your home by denying access to personal data such as photographs, work projects, or college dissertations.
What is a Ransomware attack?
There are two types of Ransomware currently in circulation but as these attacks evolve there will be many more.
This is the most common type of attack used today. It will encrypt valuable or sensitive information on your computer. The cybercriminal will then demand a ransom payment to release the important information back to the user. Crypto Ransomware will not usually limit the user’s computer and will normally allow them to use the rest of the system as usual.
Crypto Ransomware is very effective as many users are unaware of the importance of their data until it’s no longer available. The majority of victims don’t back up personal information, and therefore won’t have a replacement copy. This is exactly what a cybercriminal is hoping for.
This locks the user’s computer and will deny them access to their device including their files and data. Locker ransomware may only let the victim use the device for communicating directly with the criminal. In some cases use of the mouse and keyboard may be limited also. Users are required to pay a fee to unlock the computer. Once the fee is paid the cybercriminal promises that they will unlock your system however this is never guaranteed.
What to do when you get Ransomware?
The first thing that you should do is make sure that you isolate any infected machines. This is particularly important if you are on a network. These will need to be locked down and you may need to check your file servers too. For anyone that isn’t technology savvy, this means unplug all of the machines that you believe to be infected and contact your IT team or IT individual to let them know what has happened. The earlier someone knows, the faster they can get to work on coming up with a solution.
Should you pay Ransomware?
The real answer is that it’s up to you and your situation. More than likely your organisation will have a Ransomware recovery plan in place or at the least will have discussed the organisations procedure for dealing with a Ransomware attack.
It is important to evaluate the information that has been held to ransom. Are you dealing with sensitive information; information required for a deadline that is looming or information that would have huge financial or reputational damage should it be lost? The importance of this information should help you make decisions based on your situation.
Another factor to consider before paying the ransom is the integrity of the files. Will you be able to trust the files that you recover? Can you confirm that they have not been corrupted or still contain the same data? Unfortunately even if you do pay the ransom it is not guaranteed that you will be able to recover your files.
Where does Ransomware hide?
Ransomware can hide in various different places. An example would be on clickbait advertisements. These advertisements encourage the user to click on a banner or display ad. Usually these advertisements will promote celebrity gossip or shocking news.
Ransomware can also be embedded in links targeted within phishing or spear phishing emails. These links are also used on fraudulent websites where unsuspecting individuals will download ransomware.
How do you prevent Ransomware?
The best way to prevent Ransomware is to be aware and educate your users. A simple way of doing this is to conduct simulated phishing exercises were the user is tested at random intervals throughout a scheduled period. These Phishing tests or exercises will be used to check the user’s vulnerability to Phishing scams and therefore Ransomware attacks.
Education is the best method to combat Ransomware. Ransomware is continuously evolving and attackers are expanding their range of techniques. Users who are aware of the elements of a phishing attack will be better equipped to prevent the attack from happening.
MetaCompliance have a software solution called MetaPhish that has the ability to originate emails from a set of prepopulated simulated phishing domains. The software contains a library of smart learning experiences such as infographics, notices and training videos which are useful for engaging employees in phishing education.
Does this software sound of interest to you?