The worldwide ransomware epidemic is getting worse all the time. Companies that fail to protect themselves risk losing important business data, including customer files, product designs, supplier contracts, and more.
You can take some specific steps to quickly recover digital business files following a ransomware attack—and it can be done without paying the ransom or dealing with cybercriminals.
But before we get into that, let’s talk about the scope of the ransomware problem and how to protect your business from the latest threats.
Ransomware is a category of malware—or malicious software—designed by cybercriminals to encrypt your computer files and paralyze your business. After your files are encrypted, the software displays a ransom note with instructions on how to pay the cybercriminals in exchange for a decryption key. Payment is usually made in the form of Bitcoin, cyber-currency that’s nearly impossible to trace.
Ransomware is usually distributed via phishing emails with infected attachments or through dangerous web links. Cybercriminals are also known to exploit security vulnerabilities, hack into computer networks, and manually implant ransomware.
The current ransomware epidemic began making headlines in 2013, and there’s no end to the scourge in sight. If you need proof, look no further than the dark web—where both experienced and amateurish cybercriminals buy and sell ransomware hoping to make a profit.
IT security firm Carbon Black monitored dark web forums over the last two years and analyzed the prices of individual ransomware viruses and do-it-yourself ransomware distribution kits. The company estimates that sales of ransomware increased from $250,000 to more than $6 million between 2016 and 2017.
The report also found that some ransomware vendors are personally taking in more than $100,000 per year, presumably tax free.
Ransomware viruses are abundant. Developers often come up with creepy sounding names for the file-encrypting menaces. Some of the most effective and well-known ransomware viruses include Locky, CryptoLocker, and Cerber.
And of course there was WannaCry, the ransomware that raced around the globe last May, infecting more than 200,000 computer systems in the process.
New ransomware variants are emerging all the time. Here’s a quick look at a few of them:
Locky was once the most prevalent form of ransomware, but then infections seemed to taper off last year. Well that’s all over because Locky is back and meaner than ever.
Security researchers in September discovered a new version of Locky that was used in 20 million attempted ransomware attacks in one day alone. The goal of such widespread attacks is to cast a wide net and snare as many ransomware victims as possible.
The Microsoft Windows Defender Security Intelligence team in September spotted a new form of ransomware—dubbed Troll—that targets Microsoft Windows users and encrypts every file on the victim’s computer regardless of its location or file extension. Security researchers warn that this could lead to Windows failing.
Cybercriminals are using a technique called “malvertising” to spread a new form of ransomware called Magniber. Malvertisements are disguised as legitimate advertisements on a website. But when a victim clicks on the ads, they unleash a ransomware attack that encrypts their files and demands a ransom.
Magniber is currently being used to target victims in South Korea, but as we’ve seen in the past, it could spread quickly.
The number-one way to prevent a successful ransomware attack is to exercise extreme caution before opening an email attachment or clicking on links embedded within the body of an email.
Cybercriminals have gotten very good at creating deceptive emails that appear to come from your bank, your credit card provider or other legitimate companies. They may also appear to come from friends or relatives.
Do not open any attachments or click on links unless you’re absolutely certain the email comes from a trustworthy source. Here are a few other ways to prevent a ransomware attack:
When all else fails and your computer becomes infected with ransomware, you can get your files back without paying the ransom. But it only works if you take the initiative and back up your computer files to the cloud before a ransomware attack occurs.
If your files are backed up to the cloud and your computer gets infected with ransomware, take the following steps. Please note that these instructions apply to Microsoft Windows-based computers, but the steps for Mac users are very similar:
Remember, if your computer files are properly backed up, you’ll never have to pay the ransom.