What is Ransomware?

5/5 - (4 votes)

What Is Ransomware?


In 2018, there were 204 million ransomware attacks around the world. The best way to prevent a ransomware attack, or mitigate the damage, is to be informed. Check out some answers to FAQs about ransomware here.

What Is Ransomware?

Ransomware is malicious software that basically kidnaps your system and holds it and your data hostage for money. Attackers are making tons of money by targeting businesses and organizations that have a lot to lose when they lose access to their systems.

Initially, ransomware freezes infected systems and locks out the rightful users until the victims pay a ransom. Hackers typically threaten to permanently lockout data if they don’t receive the ransom.

The most popular form of ransomware is Cryptolocker. This nasty infection encrypts your data and demands payment to unencrypt your data. Often, the criminals start a timer, and the ransom escalates the longer the victim delays payment.

How Does Ransomware Infect a Computer?

Phishing emails with malicious attachments and drive-by downloading are two common ways that ransomware can get into a computer system.

Click on the wrong email attachment, and you could face an alert that your system is infected.

Drive-by downloading occurs when users visit an unsecured, infected website. The malicious software downloads and installs without the user ever being aware of the transaction.

Can Ransomware Steal Data?

Yes. Some strains of ransomware steal users’ data before encrypting it and locking everyone out. Such data theft is a serious concern because even if you pay the ransom and get back into your system, the stolen data will cause severe problems for your company and the customers who trusted you to keep their data safe.

Is Ransomware Considered a Breach?

Not all ransomware attacks are considered a breach. Only some strains actually steal data. For this reason, breach notifications are not always required (such as under PIPEDA).

In Canada, when the breach of security safeguards could reasonably create a real risk of significant harm, the organization must report the violation to the Office of the Privacy Commissioner (OPC). Also, the organization must notify all affected individuals and businesses.

As noted by the OPC, whether a breach of security safeguards affects one person or a 1,000, it must be reported if there is a real risk of significant harm resulting from the breach.

How Is Ransomware Delivered?

A typical delivery method is through a harmless-looking email attachment or link. A user clicks a link or download and accidentally infects their computer. The infection quickly spreads through the network to other computers, servers, and storage devices.  Before long, the damage is done.

However, not all ransomware requires the user to do something. Some software packages exploit weaknesses in your security system. Clever cybercriminals can redirect an unsuspecting user from a legitimate website to a malicious one without any actions required on the user’s part.

Lastly, some hackers hide malicious ransomware codes within otherwise legitimate software. Be careful with downloading content such as games, game cheats, adult content, and different types of online software.

Can You Remove Ransomware?

Well, the whole point of ransomware is to hold your systems hostage until you pay up. Some types of simple ransomware may be removable if you know what you’re doing (or call in someone who does).

More sophisticated types of ransomware are not so simple to remove. That’s why companies end up paying several hundred thousand dollars to get back access to their data.

What Is the Best Protection Against Ransomware?

Backup your files frequently. Further, physically disconnect backups from the network or use a cloud backup. All too often, ransomware holds backups hostage when the infection can find them. If you have a recent backup and a robust recovery path, not regaining access to your system will be far less damaging.

Install a modern, secure firewall and robust advanced endpoint protection to help keep malicious software from ever gaining access to your system. Don’t open attachments in emails from unknown sources and train your employees to do the same.

Keep your system updated and install all security patches immediately. A managed IT service provider like us can handle all this and more as part of our IT services. Proactive action is your best defence against these malicious attacks.