Ransomware. With no doubt, you have heard of it. But what is it exactly? Let’s dive in!
Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again. This class of malware is a criminal moneymaking scheme that can be installed through deceptive links in an email message, instant message or website. It has the ability to lock a computer screen or encrypt important, predetermined files with a password.
With the data encrypted or access to the device locked, ransomware will then demand the victim pays a ransom (in the form of a cryptocurrency such as Bitcoin) to return things back to normal. Sometimes the cyber criminals behind the ransomware will even threaten to publish or delete the data if payment is not forthcoming.
Front page news
Attacks have been so effective and devastating on unprepared organisations, they’ve frequently made front page news. This is not surprising, when companies like Norsk Hydro, a global aluminium producer, reported a ransomware attack meant their entire 35,000 workforce had to resort to pen and paper and the cost to the business was north of 45 million euros. By hitting Norsk Hydro’s operational capabilities, there were implications internationally with a whole host of different stakeholders, not least from customers dependant on aluminium orders for their factories and investors worrying about the impact on the organisation’s financial metrics and share price. This meant Norsk Hydro didn’t just have to deal with a cyber attack, they also had to deal with a serious public relations incident.
There are many different forms of Ransomware. Think of Bad Rabbit, CryptLocer or WannaCry. This is by no means an exhaustive list, and new forms of ransomware are being developed all the time. Ransomware relies on delivering an initial payload. Usually victims are tricked into opening an infected email attachment or clicking on a link. This triggers the rogue software to start installing itself and encrypting data. Ransomware doesn’t care if the victim is using their own encryption software to protect their data. It will happily encrypt data that has been lawfully encrypted, making it unusable for the victims.
Make your customers aware of the danger called ransomware. That is the most important step. And if something happens, our security specialist will always be there to help you out.