What is Ransomware? How am I a target? What does it do?

Ransomware by its very name locks users out of your own data and then holds your data for ransom. These attacks cause data-loss, IP theft and of course costly business downtime.

Phishing emails are the most common way for a Ransomware virus to infect your IT infrastructure (more than 90% of cases) and while the email itself is harmless, there are links for malicious advertising, missed payments or invoicing that are embedded and disguised in the email links.

The link, which is typically a “view invoice” or “unsubscribe” link in the email will, once activated within the user’s environment, encrypts user data. You may not be aware of it immediately; it is typically when the user attempts to open a file that they are informed on their screen of the Ransomware, the user is then directed on how to pay for the release and decryption of their own data. Payment terms demanded by the Cybercriminal are usually via bit-coin cryptocurrency which itself is untraceable.

In early 2020 a large transport logistics company in Australia became a target of Ransomware, the company deliberately shut down a number of key business units across multiple sites nationwide due to a variant of the Mailto ransomware.

This company has 40,000 employees globally with the potential of having more than 1,000 servers affected, they reverted to manual operations and handling where they could but the side effect of this was a significantly delayed service. Can you imagine the cost in staff downtime and extra staffing alone for this organisation never mind the reputational cost??

Unfortunately, we live in an age where Cybercrime is a very real possibility but there are actions that we can all undertake to help prevent organisations from becoming another victim. The attitude of “it won’t happen to me” or taking half measures and “she’ll be right, we can do it cheaper” approach is simply not going to cut it in business today.

Know your enemy, sounds simple but all end users who access emails need to be educated on what to look for and security training is a great start, there are a number of online resources available and if you are unsure please feel free to ask Consulting IT.

Commercial internet security products play a vital part in your defence strategy, no product is 100% guaranteed and the world of the Cybercriminal are continuously looking for weaknesses. These are commonly found in outdated or unpatched Operating Systems or security products, an easy target to exploit are those who do not keep their hardware and software solutions up to date.

Coupled with a commercial anti-virus software, this multi layered approach to your security is the best practice approach but again, any new or zero-day threats and techniques are continually emerging so nothing can be 100% guaranteed.

Your email inbox is an open source of communication with partners and prospective clients alike, but it is also an opportunity for Cybercriminals to attack. Arm your organisation with education, set your IT defences with best practice methodologies and you reduce the chances of Cybercriminals holding you to ransom.

Consulting IT: Secure, Scalable IT since 1996.