What is ransomware?
Ransomware is a form of malicious software or malware. It encrypts a user’s files, and denies access to those files until a ransom payment is made.
How does ransomware work?
Ransomware is often delivered via phishing emails or infected websites.
When a ransomware attack takes place, users may see a screen stating that payment must be made within a certain timeframe, otherwise, users must forfeit the data on their computers.
Electronic ransomware payments are often made in Bitcoin, an e-currency that’s untraceable.
What if an organization does not want to pay the hacker/s?
An organization that experiences ransomware may not want to pay hackers for any of a variety of reasons.
- Federal entities often advise against paying
- Payments can be costly. The average payment is over $500,000 USD.
- There’s no guarantee that the hacker will actually unencrypt the data.
- Payments may support nation-state backed hacking groups. On some occasions, businesses that paid ransoms unwittingly funded terrorist organizations.
Organizations that do not pay ransoms must recover their files via backups, or they must hire experts to crack the mathematical codes that ransomware relies on.
Can ransomware specifically impact C-level executives?
For cyber criminals who are interested in deploying ransomware, choosing high-value business targets is advantageous. Senior business leaders typically retain access to sensitive corporate information that hackers want, or that leaders want to ensure is properly returned and restored.
C-levels may offer cyber criminals easy points of entry into systems; through unprotected mobile devices, through frequent remote network access via unencrypted systems, and more.
How can organizations protect themselves from ransomware attacks?
Preventing ransomware is a multi-pronged endeavor. A combination of the right software, policies and user awareness initiatives are necessary.
How can C-levels protect themselves from ransomware attacks?
- Avoid clicking on links that are from untrusted sources.
- Avoid opening email attachments from untrusted sources.
- Avoid downloading software from unsecure websites. Ensure that your websites have “HTTPS” in the URL, not just “HTTP.”
- Ask your IT professionals to set up a Virtual Private Network (VPN) on your behalf. This way, when you connect to wi-fi in airports or cafes, your online interactions and exchanges will be secure.
- Rely on security software to protect your devices. Work with your IT professionals to choose a comprehensive suite of security software tools to protect your devices.
- Keep your security up-to-date. New types of ransomware periodically emerge, so be sure that you’re able to fend off the latest attack types.
- Ensure that you have backups of all of your data.
For more information on ransomware threats, visit Cyber Talk.