Ransomware is a type of malware that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. The victim then is sent instructions on how to pay hundreds to thousands of dollars. Upon payment, access is then restored.
The most common form of delivery is through an email, like a trojan horse it masquerades as an email you should trust. Once it’s downloaded and opened, they can take over the victim’s computer. The most common action is to encrypt the victim’s files. The most important thing to know is that at the end of the process, the files cannot be decrypted without a mathematical key known only by the attacker.
Here are some steps to prevent ransomware:
- Backup your data:
Your most powerful weapon to defeat ransomware is a regularly scheduled backup. Backups should be stored offline so they cannot be compromised or deleted during an attack.
- Educate your users:
By falling for an email, an employee might leave your organization exposed. Reinforce your employees’ knowledge with regular testing and focus their training on specific areas where needed.
Having a set patching schedule helps you keep systems up to date and provides visibility into those that cannot be patched. Ransomware attackers frequently rely on people running outdated software with known vulnerabilities, which they can exploit to silently get into a network.