In 2014, ransomware invaded the Web.
Ransomware has been around for many years. But 2014 saw a 700% increase in its use, according to a white paper by KnowBe4.com
. And it’s still growing.
What is Ransomware?
"Ransomware" is a type of computer program that steals your data and demands money from you to get it back. It’s a form of cyber-blackmail.
The typical method it uses to do this is as follows:
- Malware gets onto your computer (from an email attachment, social media, etc.).
- The malware downloads a ransomware program.
- The ransomware encrypts part (or all) of your computer’s hard drive.
- A message pops up demanding money, or you’ll never get your files back.
- The blackmailers usually want you to pay in Bitcoin (because it’s anonymous).
- If you pay, the blackmailer sends a key which lets you decrypt your hard drive & gets your files back. Most of the time.
While there are no guarantees the blackmailer will let you unlock the files after payment, this article from NetworkWorld
says ransomware authors do "honor the agreement."
An example—In December 2014, the Massachusetts Police Department paid $500 to CryptoLocker
. The ransomware app had rendered the Police Department inoperable. Entering the Police Department network through a workstation, it found its way to the main server, and even got to the external backup drive.
Ransomware is already in its fifth generation. And it’s become big business – CryptoLocker, one of the most famous ransomware programs, netted cyber-criminals an estimated $27 million in 2013-2014!
Dozens of ransomware programs exist. They now spread on-demand, using everything from social media to cloud storage (like Dropbox) to infect more computers. Even the Mafia now uses ransomware, for a modern twist on the old rackets.
The Best Defense: 3 Prevention Methods
Because ransomware spreads via malware tactics, protecting your office against malware will reduce the chances of getting hit. We advise using all 3 of these methods.
- Security Training – Train employees to use caution with email, suspicious websites and social media. There are cues to watch out for, such as an unexpected popup asking you to click it. (Don't click.)
- Backups – Make daily secured backups to keep all users’ data safe! And check them regularly.
- Network Security – Anti-malware, email filtering, share access restrictions, etc. Critical protection at the server-level minimizes the chance a user’s PC/tablet/phone is hit. One app which helps protect computers from attack is Malwarebytes.
More questions about ransomware and our recommended solutions? Email us for help at firstname.lastname@example.org