How to protect your business from a Ransomware attack
You’ve installed the latest anti-virus software, kept your systems up to date and even remembered to back up your files regularly, but your network could still be at risk from a growing form of malware: ransomware. This sophisticated malware slips into your system and locks you out, forcing you to pay a hefty ransom to restore your access. Ransomware comes in many forms, but learning more about how it works and how to avoid it will help you protect your network.
What is Ransomware?
Ransomware is delivered to your network as a form of malware, often included as an email attachment or link. Once you (or an employee) open the attachment or click the link, the program quietly inserts itself into your system. It is designed to run in the background, to go unnoticed by the person operating the computer and to bypass most anti-virus systems. Once installed, the ransomware seizes control of your system, files and network, usually by encrypting your files. There are also some forms of screen-locking ransomware.
You won’t be able to use or even see your own data until you pay a large ransom to remove the malware. Ransomware types vary and are always evolving, making them difficult to spot and nearly impossible to remove on your own. Any business that has a computer network is a potential target for ransomware.
How Ransomware works
The hacker attaches the malware to an email link or attachment. The link will look innocent; it could be anything from a celebrity photo to a delivery confirmation. Once you or an employee clicks or downloads the file, the malware goes to work. Different forms of ransomware impact your network in different ways. Some, like Petya, lock you out of your network entirely, and others, including Bart, place all your files into a zipped archive.
Once it takes control of your system and files, you’ll be locked out and have to pay a fee, usually in Bitcoin (untraceable currency), to restore your access. Ransomware does not discriminate: school districts, hospitals and small, local businesses are all equally vulnerable. All you need to be an ideal target is a network and files you need to have access to in order to operate your business.
Why Ransomware works
Why do victims fall for ransomware? Scammers using this malware have learned to exploit the natural curiosity and inattention of your employees to gain access to your network. All it takes is one employee; as soon as that team member clicks on a link to see what package is being delivered or to check out some celebrity images, the malware deploys. One popular ransomware, named Cryptolocker, promises the recipient an important document or racy photo; when the victim clicks the attachment, the malware is delivered in the background.
Email isn’t the only vector for ransomware; other versions mimic a legitimate business web page, or even an app, to trick users into entering their legitimate login information. Close copies of WhatsApp and Uber have both been used to target victims via mobile device apps and fake web pages. The user sees a familiar, trusted brand and naturally logs in or provides personal details.
Cut your business Ransomware risk
Your employees are your greatest threat, and since ransomware makes its way into your system via an attachment or spoofed site, your team members need to recognise and avoid malware attempts. By clicking on a bad link, even a trusted employee who only wants the best for your business inadvertently invites the ransomware in and exposes your organisation to risk.
Educating employees about the risk of ransomware, and how links, apps and emails could pose a risk, can help you prevent this form of malware attack. Since the forms of ransomware evolve so quickly and the primary solution is to pay the ransom, keeping this malware out of your system in the first place is the best way to prevent downtime and the high cost of restoring access.
Your employees need to know about the latest threats, and to understand that antivirus protection or firewalls just are not enough. Since ransomware works by being virtually invited into your network by a credentialed person, an educated and malware-savvy team is your best defence against this insidious form of hacking.
Taking the time to learn more about ransomware in general and reading up on the specific forms of ransomware as they evolve can help you protect your business and reduce your risk. An in-house IT department or managed IT service provider can help you take steps to educate your team and mitigate your risk as well.