Individual Cyber Security
What is Ransomware and What are Some Best Practices for Ransomware Prevention
One of the most common threat types in the cyber world today is Ransomware. We are seeing more and more of it, and it was the center of the highly publicized breaches in a U.S. oil pipeline company and a global meat producer.
What is Ransomware and How Does it Work?
So, exactly what is Ransomware? Ransomware is malware (software intentionally designed to cause damage to a computer, server, client, or computer network) that employs encryption to hold a victim’s information for ransom. A user or organization’s critical data is encrypted so that they cannot access files, databases, or applications. A ransom payment is then demanded to provide access to those files and information.
Ransomware is often designed to spread across a network, targeting databases and file servers, and can thus quickly paralyze an entire organization. It is a growing threat, generating billions of dollars in payments to cybercriminals and inflicting significant damage and expenses upon businesses and governmental organizations.
Ransomware is commonly delivered through phishing emails or via “drive-by downloads.” Phishing emails often appear as though they have been sent from a legitimate organization or someone known to the victim, enticing the user to click on a malicious link or open a malicious attachment. A “drive-by download” is a program that is automatically downloaded from the Internet without the user’s consent and often without their knowledge.
So how can you avoid a Ransomware attack? It’s not easy because many times the hacker sneaks into your network undetected. Since Ransomware attacks often leverage phishing, phishing best practices can help avoid Ransomware attacks, as well as the tips below.
Ransomware Prevention Tips
The Cybersecurity & Infrastructure Security Agency (CISA) and the guidance from the White House to corporate executives and business leaders on cybersecurity are good sources of information with Ransomware prevention tips and ways to protect against Ransomware attacks.
What to Do If Your PC is Infected with Ransomware?
Change all system passwords once the Ransomware has been removed. You can submit Ransomware files to the Cybersecurity and Infrastructure Security Agency (CISA) for analysis via https://www.malware.us-cert.gov/.
For additional information, check out the CISA website at https://us-cert.cisa.gov/ncas/tips/ST19-001.