What is Ransomware?
Ransomware is a tradename for potentially entity killing malware of a variety of classes. In general, the cybercriminals infect computers with malware that can spread and take over an organization’s entire computing environment, from desktops and laptops to servers and critical databases, etc. They may do this initial infection using phishing emails, infected or spoofed websites, free software downloads that contain malware, and even online advertising. Once your systems are infected, the Ransomware can lock you out by encrypting critical data, making it entirely unusable without the decryption keys. Your only way back is to pay or restore from backup, if they have not deleted or encrypted those too.
How it’s Evolving
Ransomware has developed into a sophisticated business model and multibillion dollar industry. Instead of the fairly traditional automated attacks of the past, attackers are getting total control of the systems and customizing the ransom based on their research about your ability and the likelihood that you will pay. These specialized attacks have yielded enormous profits for nation-states and cybercriminals. The attacks are growing more severe with days, weeks or even months of downtime. As many as 1 in 5 organizations will not survive. Downtime, loss of confidence, trust and revenues are additional costs above any ransom paid. The evolution of Ransomware is not expected to slow down any time soon.
Ransomware Protection
In this new age of cybercrime, having only antivirus software and firewalls are nowhere near enough. Ensuring your network remains safe demands multiple controls such as: multi-factor authentication, software patching, networks segmentation, limitation of access rights, filtering emails and monitoring DNA. You need 24/7/365 monitoring of your network, daily backups on a disconnected system, and admin credential limitations and tracking. Following these guidelines doesn’t make you immune, which is why it’s absolutely crucial to have developed and tested business continuity and disaster recovery plans and solutions in place.