Ransomware is infecting computers at an astronomical rate and putting critical business data at risk. But there are some key steps you can take to protect your business.
Ransomware is a form of malware, or malicious software, that encrypts digital files, essentially holding data hostage until a ransom is paid to cybercriminals. It’s typically distributed through infected email attachments and links to dangerous websites. But cybercriminals also have a reputation for hacking into business networks—usually through known security holes—and launching ransomware attacks manually.
In fact, these attacks are expected to cost businesses and individuals more than $5 billion in damages in 2017, according to a new report from IT research firm Cybersecurity Ventures. That figure includes the cost of paying the ransom, loss of data, system downtime, and lost employee productivity.
Here’s a quick look at three newly discovered ransomware viruses that could pose a threat to your business, along with some useful advice on how to stay protected.
1. WannaCry Ransomware
The WannaCry ransomware virus first made headlines in May when it began locking down computer files and disrupting operations at hospitals throughout Great Britain. In less than three days, the virus spread to more than 200,000 computer systems worldwide, and security experts say new versions, or variants, of WannaCry are popping up all the time.
WannaCry’s creators use massive email phishing campaigns to snare victims. The emails contain malicious links and attachments that, once clicked, download the ransomware onto victims’ computers. At one point, the creators of WannaCry were sending 5 million phishing emails per hour, according to Forcepoint Security Labs.
2. Cerber Ransomware
First discovered last year, Cerber has grown to become one of the most prominent and dangerous ransomware families on earth. The malware is typically delivered via network exploit kits hidden within email attachments, according to antivirus software firm Trend Micro. Once the attachment is opened, the program downloads Cerber ransomware, encrypts files, and spreads itself across the network. Cerber is specifically programmed to go after files stored in shared networks and machine drives.
3. Locky Ransomware
Locky was the dominant ransomware virus in 2016 before essentially falling off the map. But security researchers say a new version of the file-encrypting malware began making its rounds earlier this year. Locky is typically spread through infected email attachments. The most recent version used Adobe Reader to open up a Microsoft Word document containing a malicious macro that launched the attack. That’s why it’s important to disable macros in Microsoft Word.
How to Protect Your Business from Ransomware
The best way to protect against ransomware is to take the initiative and back up your computers and servers. Here’s a quick guide on what to do if your Microsoft Windows-based computer is attacked with ransomware. Similar steps apply for other types of computers.
- Remove the computer from the network it’s running on so the infection doesn’t spread.
- Shut down the computer by holding down the power button.
- Turn the computer back on and select “Safe Mode with Networking.”
- Reconnect to the internet then download and run a malware removal tool like Norton Power Eraser or Malwarebytes.
- Once the virus is removed, delete all encrypted files and restore clean versions from your backup system.
Education is also key when it comes to defeating ransomware. Be sure to train yourself and employees on digital hygiene best practices. That means keeping software updated, using firewall and antivirus software, and avoiding unsolicited emails, especially those from unknown senders.
Latest posts by Norman Guadagno (see all)
- How Will Your Business Respond to a Ransomware Attack? - November 18, 2017
- Survey: Why Small Businesses Ignore Data Protection Risks - October 15, 2017
- 3 Ways to Increase Cybersecurity Awareness at Your Small Business - July 30, 2017