Cyber-Security Simplified: Ransomware

- Category: Blog

Cyber-Security Simplified: Ransomware

There’s not a day goes by without news about yet another cyber attack and we’re constantly hearing the words Ransomware, Virus, Hack, DDOS, Phishing, Spam, CEO Fraud, etc but what do these really mean?

In this blog, we’ll explain about the most financially lucrative cybersecurity threat around today: RANSOMWARE.  We’ll tell you what ransomware is,  how it happens and how you should protect your business reducing the ransomware risk now and in the future.

So what exactly is Ransomware?

Ransomware is malicious software that blocks access to your computer system or files unless a sum of money is paid.  Ransomware uses encryption against you, encryption, when used correctly, should protect your data and files but ransomware uses it to take your files hostage. This means being locked out of your documents, spreadsheets, photos, videos, payroll data, accounts data, and other business-critical files. In addition, if you are infected ransomware can easily spread to other computers on your network in seconds bringing your whole business to a halt.

You’ve heard the term many times and chances are, you think it probably won’t happen to you but ransomware is ruthless, it doesn’t care if your business is large or small, a sole trader or an enterprise organisation,  if you have a computer and you use the internet, you and your files are a definite target.

How does a ransomware infection happen? Ransomware doesn’t just happen, it happens because of an action such as the opening of an email attachment or the clicking of a file or even viewing of a compromised website.  Let’s give you a classic example:  Your employee receives an email from a friend, it includes a link to a video that shows a cute dog performing tricks while wearing a party hat.  Intrigued, your employee opens the video and is asked to click RUN which of course they do.  Shortly after, everything on their screen starts changing colours and a rather alarming window appears informing them that all the files on their computer have been hijacked and are now encrypted:

As your employee thinks “oh no” and reaches for the power button, one by one, innocent colleagues computers are now also experiencing the same window appearing and in a matter of minutes every single computer in the company has had it’s files encrypted. There’s mass panic in the office and all systems are down. Business has stopped and unless a ransom is paid, the files could be lost forever.

Simple Steps to protect against ransomware attacks:

By completing several simple steps and having the following cyber security protections in place, in our example above this company would have severely reduced the risk of a ransomware attack and chances are business would not have been hit.

  • Install Anti-Malware Software:  Have dedicated anti-malware software such as Heimdal Thor installed and running on every pc and laptop on the network,  Heimdal will sense the encryption traffic and block before encryption occurs.
  • Patch devices and keep software up to date:  Ransomware hits known vulnerabilities in operating systems, installed applications and software.  Regularly keep your systems up to date and patched. It’s quick easy and free !
  • Use a firewall to secure your internet connection:  Protect your internet connection with a firewall which effectively creates a barrier between you and the internet. Firewalls should be enabled on all computers, servers and you should have a dedicated firewall at the perimeter of your network where your internet connection is.
  • Install email Anti-Spam Software:  Have dedicated email anti-spam software such as Email Laundry to shield your business from targeted email attacks which stops those emails arriving in your in-box.
  • Backup:  Regularly backing up your data and testing the restore procedure should be a given for all business’s. Critical data should be backed up with the recommendation for cloud based air-tight off site backup because intelligent ransomware is now identifying and targeting local backup files as well as business data.
  • Install Anti-Virus Protection: Anti-virus software is no longer sufficient on it’s own to stop ransomware attacks but installing software such as ESET Endpoint Protection provides a useful first line of defence.
  • End User Training:  A user is normally the last line of defence so they should be regularly educated to make them more aware about the risks of clicking and opening unknown attachments.  Test and monitor your users “click ability” through solutions such as KnowBe4 end user training platforms.

If you feel your business could be at risk or are interested on enhancing your cyber security, speak to one of our expert cyber security consultants today. Tomorrow could be too late!