Ransomware is a malicious software that encrypts — or locks up — data in the victim’s computing device. The attackers, after placing the ransomware, demand payment in return for the decryption key. They often request the ransom in the form of bitcoin, a difficult-to-trace digital currency. Payment obfuscation through bitcoin shows criminals’ growing savvy about covering their tracks. A report last year from the cybersecurity firm Symantec noted that “the majority” of new ransomware threats demanded payment through cryptocurrencies because they can provide anonymity and make it easier to launder the ransom they collect.
Ransomware attacks have been on the rise in the last couple of years, in part, because they are effective and tend to be highly profitable for cyber criminals. One reason they work so well is that there is little recourse once a system is infected, and, like most malware, ransomware can easily gain entry to a system through a malicious email attachment, or even by a computer visiting a compromised website. McAfee found that the total number of ransomware samples increased from under 2 million in Q1 2014 to more than 6 million in Q4 2015.
However, companies can take several steps to help mitigate the impact of ransomware. Early detection through a robust cybersecurity monitoring and response system can help stop a ransomware attack from completely encrypting a system, as well. Caught early enough, for example upon installation, a company may be able to stop the attack and restore the affected files. The perfect weapon in the fight against ransomware: It’s called backup software When a ransomware virus attacks, people who use cloud backup software can retrieve their files quickly without paying the ransom. The key is to proactively make sure your files are protected with cloud backup software because that’s the best insurance against ransomware. If you’re a cloud backup user that falls victim to a ransomware attack, getting your files back is a breeze.
It’s important to warn employees about clicking on suspicious attachments, but they may fail to adhere to the policy or simply be fooled by a well-targeted phishing attack. Additionally, while firewall protection and security software are crucial components in a ransomware-prevention strategy, they won’t guarantee protection. When prevention methods fail, the best way to regain access to your data is by having a backup plan in place. Since the latest version of your files may be affected by the virus, a backup solution with a versioning feature is necessary. It allows you to roll back to a specific date before your systems were infected.
Ultimately, preparedness is key. Ransomware, like any crisis, can be mitigated by developing and following principles of business continuity. By backing up data, raising employee awareness of cybersecurity best practices, and developing a comprehensive crisis response strategy, companies can be better positioned to respond in the event of an attack.