Ransomware – a malicious type of software – is designed to infect a device, allowing cybercriminals to take over a network and block access to computer files and data. Once they're in your network, the hackers behind the scam demand a sum of money and promise to restore your access as soon as the fee is paid.
Ransom amounts can range from just a few hundred pounds to thousands if not millions, and are typically expected in Bitcoin.
So, how does the hacker infect your device in the first place?
There are different ways that a hacker can infect your device, but the most common method is through phishing. Phishing emails are designed to imitate a trustworthy source and lure victims into providing sensitive data, clicking a link, or opening an attachment. If the victim follows the instructions in the phishing email, hackers will be able to access the device and infect it with malware.
How do hackers choose their targets?
The truth is, anyone can be a victim of a ransomware attack.
But there are certain organisations that are more attractive to cyber criminals.
Some hackers target organisations that are likely to have small IT teams. For example, universities are a popular choice for hackers. They don't generally focus on cyber security and house lots of confidential data: from financial details to intellectual property, universities have a lot for cybercriminals to get their hands on. Just recently, in the late summer of 2020, Newcastle University was victim to a ransomware attack by DoppelPaymer. As a result of the attack, the university's IT systems were down and the first semester of teaching was disrupted.
Other hackers choose organisations that will pay the ransom quickly, such as government agencies and hospitals. These organisations are more likely to pay the ransom as their data is extremely sensitive and, in some cases, needed to save lives. For example, when the NHS was hit with a ransomware attack in 2017 by WannaCry, hospital appointments were cancelled and many patients were unable to access A&E.
But don't be complacent! Maybe your company has a top-notch cyber security team, or maybe you don't think your data is attractive to cyber criminals. While certain organisations are more prone to attacks than others, that doesn't mean your company is safe. Remember, anyone can be a victim of a ransomware attack!
What can you do to prevent ransomware attacks?
- Keep your network up-to-date
It's important to keep your network up-to-date and patch any vulnerabilities that you find: these weak spots make it easier for hackers to infect and take over your network.
- Install antivirus software
You should install antivirus software on your devices. The software will search your system for possible threats, and inform you of anything suspicious. If you use antivirus software, any known malware can be detected and removed before it causes too much damage.
- Only install or download trustworthy software
Be mindful of anything you install or download onto your devices. Only use software that you know you can trust. If you aren't sure about the software, don't use it! Infected malware can spread across your device and lead to ransomware attacks.
- Educate and train your employees
Most ransomware attacks start with a simple phishing scam – that's why you and your employees need to know how to spot one! Remember, a simple phishing scam could potentially cost your company thousands – it's important to educate your employees so that they know how to spot a phishing email and the risks of a successful phishing attack.
Why not try OnSecurity's phishing simulation service? Our expert team of ethical hackers can simulate a real phishing attack, allowing your employees to experience a phishing scam in a safe environment.
- Backup your files!
While following these steps will increase your cyber security, it's important to prepare for any unwelcome visitors in your network. Just in case you are hit with a ransomware attack, you should back up your files. Remember to use an external hard drive: if hackers manage to infiltrate your network and infect your data, you'll have clean, untouched copies of your company's files!