F12 Blog

What is Ransomware?

What Is Ransomware?

 

In 2018, there were 204 million ransomware attacks around the world. The best way to prevent a ransomware attack, or mitigate the damage, is to be informed. Check out some answers to FAQs about ransomware here.

What Is Ransomware?

Ransomware is malicious software that basically kidnaps your system and holds it and your data hostage for money. Attackers are making tons of money by targeting businesses and organizations that have a lot to lose when they lose access to their systems.

Initially, ransomware freezes infected systems and locks out the rightful users until the victims pay a ransom. Hackers typically threaten to permanently lockout data if they don’t receive the ransom.

The most popular form of ransomware is Cryptolocker. This nasty infection encrypts your data and demands payment to unencrypt your data. Often, the criminals start a timer, and the ransom escalates the longer the victim delays payment.

How Does Ransomware Infect a Computer?

Phishing emails with malicious attachments and drive-by downloading are two common ways that ransomware can get into a computer system.

Click on the wrong email attachment, and you could face an alert that your system is infected.

Drive-by downloading occurs when users visit an unsecured, infected website. The malicious software downloads and installs without the user ever being aware of the transaction.

Can Ransomware Steal Data?

Yes. Some strains of ransomware steal users’ data before encrypting it and locking everyone out. Such data theft is a serious concern because even if you pay the ransom and get back into your system, the stolen data will cause severe problems for your company and the customers who trusted you to keep their data safe.

Is Ransomware Considered a Breach?

Not all ransomware attacks are considered a breach. Only some strains actually steal data. For this reason, breach notifications are not always required (such as under PIPEDA).

In Canada, when the breach of security safeguards could reasonably create a real risk of significant harm, the organization must report the violation to the Office of the Privacy Commissioner (OPC). Also, the organization must notify all affected individuals and businesses.

As noted by the OPC, whether a breach of security safeguards affects one person or a 1,000, it must be reported if there is a real risk of significant harm resulting from the breach.

How Is Ransomware Delivered?

A typical delivery method is through a harmless-looking email attachment or link. A user clicks a link or download and accidentally infects their computer. The infection quickly spreads through the network to other computers, servers, and storage devices.  Before long, the damage is done.

However, not all ransomware requires the user to do something. Some software packages exploit weaknesses in your security system. Clever cybercriminals can redirect an unsuspecting user from a legitimate website to a malicious one without any actions required on the user’s part.

Lastly, some hackers hide malicious ransomware codes within otherwise legitimate software. Be careful with downloading content such as games, game cheats, adult content, and different types of online software.

Can You Remove Ransomware?

Well, the whole point of ransomware is to hold your systems hostage until you pay up. Some types of simple ransomware may be removable if you know what you’re doing (or call in someone who does).

More sophisticated types of ransomware are not so simple to remove. That’s why companies end up paying several hundred thousand dollars to get back access to their data.

What Is the Best Protection Against Ransomware?

Backup your files frequently. Further, physically disconnect backups from the network or use a cloud backup. All too often, ransomware holds backups hostage when the infection can find them. If you have a recent backup and a robust recovery path, not regaining access to your system will be far less damaging.

Install a modern, secure firewall and robust advanced endpoint protection to help keep malicious software from ever gaining access to your system. Don’t open attachments in emails from unknown sources and train your employees to do the same.

Keep your system updated and install all security patches immediately. A managed service provider like us can handle all this and more as part of our IT services. Proactive action is your best defence against these malicious attacks.

Vancouver Office

200 – 17577 56 Avenue, Surrey, BC V3S 1C4
View Location >

Nelson Office

A – 1016 Seventh Street, Nelson, BC V1L 7C2
View Location >

Courtenay Office

917C Fitzgerald Avenue, Courtenay, BC V9N 2R6
View Location >

Edmonton Office

13555 156 Street NW, Edmonton, AB T5V 1R9
View Location >

Toronto Office

A-220 Markland Street, Markham, ON L6C 1T6
View Location >

Victoria Office

329 – 1095 McKenzie Avenue, Victoria, BC V8P 2L5
View Location >

Vernon Office

101 – 1325 Polson Drive, Vernon, BC V1T 8H2
View Location >

Calgary Office

11 – 3110 14 Avenue NE, Calgary, AB T2A 6J4
View Location >

Red Deer Office

8 – 4699 61 Street, Red Deer, AB T4N 7C9
View Location >