Ransomware has become an increasing problem particularly for small to medium businesses in the last few years with ransomware attacks being increased by 97 percent of the last 2 years (Source Phishme). Ransonware generates over $25 million in revenue from hacking organisations every year (Source Business Insider) and proves that this isn’t a problem that will just go away. Businesses in particular, need to act to ensure they have a clear understanding and action plan if effected by ransomware. A number of Preventative measures are available and will be outlined further in the article.

What is Ransomware?

Ransomware by definition is a form of malware/virus that prevents users accessing their systems or data until a some of money is paid to the attacker.
Below is an example of what the program looks like when the attackers have taken access to your data;

Notice that Bitcoin is the only used payment method, this is due to Bitcoin being incredibly hard to be traced and is therefore is the primary payment method for cyber criminals.

How Does Someone Become Infected by Ransomware?

Similar to any other malware, ransomware can often be prevented by proper protocols and procedures on the user’s end.

• It can infect systems via email – when an unsuspecting user downloads a malicious link off an email which may run an executable program.
• Ransomware can also be spread by an infected website where a drive-by downloading occurs when the user loads the page.
• Social media is also another culprit when links are shared and opened by unsuspecting phone users, without thinking a lot of the time.

How can I / We Prevent Ransomware?

• Make sure you have a strong anti-virus and firewall installed for each computer and this is kept up-to-date. Firewalls will prevent users opening sites that can cause harm, anti-virus software will scan for any infected files on your computer.
• Install content filtering on your mail servers (Spam Filter), this will prevent a large portion of the inbound scam emails.
• Regularly make sure all software and systems are up-to-date. A key way attackers can get attackers can get access is through out of date software.
• Train users to be more aware of what dangerous emails and website look like so they can avoid dangerous links. Be sure to contact your IT specialist if you are unsure of any emails or links before opening them. There are also a number of great user training programs out there to help with this, Knowbe4 is one of the best.
• Be aware that most financial brokers now offer cyber insurance which can cover a range of things including ransomware.

What About if I Become Infected by Ransomware?

For a start it is highly recommended that you do not pay the ransom, it only funds and encourages these attacks further when they are paid. Also, there is no guarantee you will get your data back even if you do pay (it is quite common for this to happen).

Make sure you keep regular backups of all necessary/sensitive data on your system. Although it can be pain to restore backups for a whole system (and some data may lost) it is the easiest method to getting around ransomware if your become infected.

If you need more information of help regarding ransomware to don’t hesitate our team at Plus 1 on 03 58333000 or via email to plus1@plus1group.com.au