What is Ransomware?
Basically, it is a type of malicious software that infects a user’s system and entirely encrypts their files, holding them hostage until a ransom is paid, potentially causing an irreversible loss of data. In most cases, the ransom amount is announced to the victim via an on-screen alert which states their system was locked — sometimes with a timer designed to intimidate the user and force them to hurry with payment.
Ransomware Attacks: How Much May It Cost?
The ransom demanded from individuals varies greatly; frequently the amount is around $200-400 dollars required to be paid in virtual currency, through non-traceable payment methods (such as Bitcoin). Private users, however, have become an increasingly low priority target for cybercriminals in recent years.
As to the losses for businesses, they can be much more tangible. According to the statistics from 2018-2019, the average amount of ransom required was $2.500 for one incident — with organizations willing to fork out amounts close to a million dollars to get their data decrypted in some instances.
However, as this form of extortion was proven very effective, it continues to be an incredibly lucrative venture for cybercriminals, implying that amounts demanded to redeem an organization’s captivated data will only be growing. The recent research provided by security vendor Coveware has shown that average ransomware payments soared 104% from $41.198 in the third quarter to $84.116 in the fourth quarter of 2019.
Also read: Myths About Antivirus Softwares
How Does It Spread?
Ransomware is often spread via phishing emails that contain malicious attachments, or through drive-by downloading which takes place when a user visits an infected website and, unaware of it happening, downloads malware onto their machine.
These days, phishing schemes remain the most effective way of spreading ransomware. Today, it is very common for cybercriminals to conduct extensive research on chosen targets, and then impersonate their trustees (coworkers, friends, family members, etc) in order to create the phishing emails that look really believable. And the more legitimate it looks, the more likely the victim is to open the attachment.
Why Is Ransomware So Effective?
Ransomware instills dread and panic into its victims, causing them to unadvisedly click on malicious URLs that may infect the user’s system with additional malware. Along with that, on-screen alerts usually contain intimidating messages, or mention specific deadlines that increase urgency and force people to act in a hurry. For instance, “Your computer was used to visit websites with illegal content. To unlock it, you must pay a $100 fine.” or “All files on your computer have been encrypted. You must pay the ransom within 36 hours to get back the access to your data.”, etc.
How to Protect Against Ransomware?
As seen from all the above, ransomware poses a threat that can be incredibly devastating to both individuals and organizations — and, as with other viruses, proper digital hygiene is crucial to protecting against it. On the other hand, for business owners, ensuring proper data protection implies taking control over the actions of each employee at an organization, which is a nearly impossible task. And once a working network has been attacked with ransomware, or important business-related files have become encrypted, getting help from specialists will be required to unlock the information.
Salvagedata is a professional data recovery company that is known for its competence at combating even the most complicated cases of data loss. For more than a decade, Salvagedata has been providing high-end data recovery services to thousands of private users all over the US, as well as government and law-enforcement agencies. With that, if your crucial files are in trouble — don’t panic! Instead, contact Salvagedata for a free consultation and examination of your case — and let the professionals do the rest.
At the same time, the following recommendations should help you to safeguard your business against ransomware attacks:
- Limit your employees’ ability (restrict permissions) to install and run unwanted software. And adhere to the principle of “Least Privilege ” in regard to all of organizaiton’s systems and services. Restricting permissions is one of the most effective practices applied to constrain malware from spreading through the network.
- Develop dependable data backup and recovery strategies for all critical information (data- and client bases, logs, archives, software, etc). Test these backups on a regular basis in order to reduce the impact of data loss in case it occurs, and expedite the recovery process. Make sure to isolate critical backups for optimum protection (keep them off-site) as network-connected copies can also be affected by ransomware.
- Keep your operating system and all the important software up-to-date with the latest patches as they are necessary to fix data security vulnerabilities and for password protections. Remember that vulnerable applications can serve as a gateway for cybercriminals. Ensuring your software is patched with the latest updates greatly decreases the amount of exploitable entry points that ransomware attacks can be performed through.
- Maintain good digital hygiene: never open attachments found in emails from untrusted senders, and avoid enabling macros if they contain any. Never follow suspicious links and don’t click on pop-up ads as they may lead you to a website with malicious software on it; etc. Finally, remember to instruct your staff on these rules to avoid harm done unknowingly.