“Ransomware,” a broad category of malicious programs that infect a computer or mobile device and demand payment, remains a persistent threat for companies of all sizes.
At its milder levels, ransomware can cause pop-up warnings that attempt to sell what it claims to be “security software,” while the most sophisticated versions can lock users’ encrypt files and data until the user or company pays a ransom to have the files decrypted.
Like other malicious threats, computers are typically infected when a user clicks on an email message containing a malicious attachment. In many attacks, these are disguised as shipment notifications, invoices, or other types of email attachments people are likely to open. In other instances, malware is transferred with users visit websites that themselves have been infected.
Attackers then demand payment in difficult-to-trace online currencies. Because the amount of ransom demanded – generally less than $500 – is relatively low, many people choose to pay the ransom rather than dealing with the potential loss of important information.
Numerous small businesses, for example have also paid ransoms, with most ranging between $200 and $500 – an amount calculated to be small enough that paying it seems like an easier decision than resisting the attackers, yet large enough to make an attack profitable for the criminals.
Shoring Your Defenses
You can help reduce your ransomware risk in several ways, such as being very careful about the types of email attachments you open (including those that seem to be coming from trusted senders).
You should also back up your data on a routine basis, preferably through a cloud service to provide off-site storage of backed-up files. It’s important to determine when the attack occurred and to install a backup before then to avoid re-infecting your equipment.
It’s also a good idea to consider replacing infected devices rather than trying to over-write their software. If you can get new equipment delivered quickly, installing a backup to a new machine is likely to be safer than hoping you’ve eliminated the infection from your existing IT gear.
It’s also important to make sure your computers and have the latest security updates from your software providers. Be sure also to pay attention to plugs-in such as Java, Flash, ad blockers, or other extensions.
By paying attention to basic security procedures, and making sure your systems and software are up-to-date, you can help reduce your ransomware threat.