Many have heard the term ‘ransomware’, but don’t actually understand what it is, how it could affect them, as well as how to protect against it.

Ransomware is defined in the dictionary as: “malware planted illegally in a computer or mobile device that disables its operation or access to its data until the owner or operator pays to regain control or access” (dictionary.com). While that definition is accurate, many don’t understand the severity of such malware as technology seems to always have a “hack”. But ransomware is different in the sense that most “hacks” don’t work. If you want to regain access to your files, and more importantly, have a working computer, you have to “trust” this individual who “illegally” inflected your machine, to actually release your files and programs once you pay them. But what keeps them from doing it again?? This is where understanding how ransomware comes about is very important. 

One common method of ransomware can come as “phishing emails”. This email can come with either an attachment or a link that looks legit and from someone or an organization that you recognize. When you click the link or open the attachment, malware can then be downloaded and installed in the background, without your knowledge.

The greatest challenge is that most users don’t know that they have been infected until it’s too late. So here are a few security tips to keep in mind to help you prevent being a victim of ransomware:

  • ALWAYS be cautious, no matter how legit the email, attachment, or link looks. Especially with links in emails, there are methods of masking the URL to appear that it is coming from a “trusted” organization or person, when it really isn’t.
  • Don’t click links. Hover your mouse over the link to view the URL that is embedded in the text. This will give you an idea if the URL is fake or legit.
  • Watch for misspellings in email addresses or domain names. It’s easy to replace an “I” with a “1” or an “0” with a “o”. For instance, your bank, Capital One, could send you an email from cap1tal0ne.com…do you see the issue?
  • Backups. That’s right, one of the greatest ways to prevent ransomware is to take a backup of your system and be sure to store it on a separate external drive that isn’t connected to your computer or network. This is the best first-line of defense that you can implement into protecting yourself from ransomware.

Beyond phishing, there are other ways that ransomware can be installed, for instance through networks. Sometimes the greatest challenge with protecting your network is actually getting the right tools installed and working for you. 

We recommend working with your IT provider to ensure that you have a plan in case such a virus was attempted to be installed on your network. CCI seeks to use as many tools as possible in protecting client networks. In cyber-security, there is a concept called “defense in depth.” We seek layers of protection that ransomware must penetrate.

So you might wonder, what should you do if you are infected with some type of ransom malware? Sadly, even with those layers of protection nothing is ever 100% safe. Ransomware creators have access to the same tools and protections and they test their products to see what can sneak through. Ransomware responses are two fold. First, many opt to pay the ransom to get their data back. Regardless of whether this is done, intelligent organizations no longer trust their infrastructure and begin the process of recreating servers and workstations. Data restoration needs to happen carefully to ensure that no time/logic bombed viruses are brought back – waiting to backfire and infect again.

Many organizations will need to notify customers of the impact to operations. Some organizations will need to inform government entities for compliance/oversight reasons. Others will need to address press inquiries. All of this should be mapped out ahead of time so a plan can be followed.

So now that we’ve shared a bit about ransomware, where do you stand? Are your network and computer systems protected from this illegally implanted malware?