Ransomware attacks rose 195% in the first quarter of 2019, backing up the fact that this form of cyberattack is still very much a threat to both businesses and individuals alike.
If a computer or network doesn’t have proper IT security in place to protect against ransomware intrusions, they can end up costing the data owner dearly. With costs being attributed to:
-
Cost of ransom, if paid
-
Cost of data recovery, if a backup is available
-
Cost of downtime and lost productivity
-
Cost of lost customer trust
Ransomware costs the average business $2,500 per attack.
While small and medium-sized businesses are the biggest targets of ransomware attacks because they generally have less defenses than large enterprise companies, attackers also haven’t overlooked the individual residential PC user.
Often, cybercriminals just looking for a quick buck will demand “budget ransoms” from residential victims who aren’t expecting an attack and not sure what to do when one happens.
How Does Ransomware Work?
Ransomware is a specific form of malware that encrypts the infected computer’s files, or otherwise makes them unusable, via a malicious script, essentially holding them for ransom. The attacker then demands a ransom from the victim to regain the use of their data.
The ransom is typically requested in the format of bitcoins or electronic gift cards so it won’t be trackable back to the perpetrator.
For the victim, it’s a nightmare because their business or ability to access their data comes to a screeching halt, and if they do not have a reliable data backup to recover, they’re only left with the option of paying the ransom and hoping the crook will make good on the file restoration or to lose everything on the infected hard drive.
Ways that Ransomware Infects Computers
There are a number of ways that a computer can become infected by Ransomware and often a user might not even realize their device has been infected until the hacker pulls the trigger on their script.
There are four key ways that your computer can get a ransomware infection:
-
Phishing email
-
Drive-by download
-
Social phishing
-
Botnet
Phishing Emails
The number one cause of data breaches around the world today is from phishing emails. These are those emails designed to fool the user into opening an infected file or clicking through to a website designed to download the ransomware script as soon as they visit it.
They’ll often look like an email from a legitimate business, like a payment confirmation, a shipping tracking notice, or request to update your information.
You can protect against phishing email attacks by taking a multi-layered approach in your cybersecurity plan:
-
Anti-phishing software
-
Employee training
-
Email antivirus program and uses sandboxing
Drive-by Download
Have you ever been on a website and videos and ads start popping up and you accidentally click on one and are taken to a strange page? That could be a Drive-by Download. Hackers often hide links to malicious sites behind ads and buttons that might look like a legitimate or enticing ad on a website. Streaming video sites are being increasingly used for this type of attack.
Using a browser-based anti-ransomware/anti-malware application can help you avoid these drive-by infections. Additionally, being very suspicious of ads that sound too good to be true is a good best practice that will help keep you safe.
Social Media Phishing
An offshoot of phishing emails and one that’s continuing to grow is social phishing. This is where the hacker uses social media posts or direct messages to deliver the same type of false message meant to trick the recipient into clicking a malicious link or downloading an infected file.
The shortened URLs that are popular on social media sites exasperate the issue because they obscure the true URL.
Some ways to protect yourself from a social media phishing attack:
-
Don’t click a link unless you are 100% certain it’s legitimate
-
Use privacy settings on social media to keep non-friend/family from seeing your feed
-
Stop, think, and research before you respond to a strange direct message
-
Remember, even if a DM comes from a person you trust, their account may have been hacked.
Botnet
A botnet represents a number of internet-connected devices that are being controlled as one. This type of attack typically plants a malicious script on a computer or network without the owner’s knowledge. The script is designed to run undetected for months or years, and the computer can be used unknowingly for things like denial-of-service-attacks, to send spam, or steal or encrypt data.
Ways to ensure your computer isn’t running a botnet script in the background include having a managed security plan or managed antivirus that includes constant monitoring and to keep your devices scanned regularly for and infections or strange activity.
Is Your Computer Safeguarded from Ransomware?
Don’t leave your devices at risk. Both computers and mobile devices can be infected by ransomware that makes their contents unreadable by the user. Get out in front of the attackers with managed antivirus and anti-malware solutions from Pro Tech Guy.
Contact us today at 508-364-8189 or through our website.