Ghouls, goblins and the living dead can all send a chill down one’s spine. Ransomware, for some people, is even scarier. 

So, what exactly is Ransomware? 

Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. The data is held hostage using encryption technology, rendering files unreadable. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website. 

Ransomware can be devastating to an individual or an organization. Anyone with important data stored on their computer or network is at risk, including government or law enforcement agencies and healthcare systems or other critical infrastructure entities.  

How does Ransomware get delivered?  

Ransomware is commonly delivered through phishing emails or via “drive-by downloads.” Phishing emails often appear as though they have been sent from a legitimate organization or someone known to the victim and entice the user to click on a malicious link or open a malicious attachment. Not sure about the content in an email? Call to the sender first, before clicking on any links or opening attachments. 

Want to learn more about Phishing? Check out our blog!  

Can you recover once you’ve been hit with Ransomware? 

Recovery can be a difficult process that may be impossible without proper backups. Even data recovery specialists are frequently unable to remove the infection due to the encryption technology being used, and some victims are forced to pay to recover their files. However, there is no guarantee that individuals will recover their files if they pay the ransom.  

How do you protect yourself from Ransomware? 

The only way to ensure you can recover from a ransomware attack is to have a rock-solid backup solution. Backup data must be stored in multiple locations with at least one copy in a secured, offsite data center. Most importantly backup data must be tested regularly! 

The best way to prevent infection is to educate yourself and your employees on how to recognize phishing emails. There are many options for security awareness training and ICS recommends KnowBe4.  

What if it’s too late? 

If you’ve clicked on a suspicious link or think you might have, immediately disconnect the infected system(s) from all network connections – unplug the network cable or disable the wireless – but be sure to leave it running and contact your Incident Response team. Powering off the machine is appropriate only if you are unsure or unable to disconnect from the network. Turning off the system(s) can result in the loss of valuable information needed to trace the source of the infection, aid in the recovery and help prevention of future infections.   

Interested in learning more? Or want to make sure your business is operating under a secure network? Contact us today!