The Darkside of Cyber Terrorism: Ransomware


Ransomware is a sub-class of malware. This malicious software encrypts the target’s files. It prevents the user from accessing any of their data. All files, folders, pictures, videos, and so on get encrypted by adding a unique extension to all files.  

Ransomware working:

All the data is held hostage as the victim cannot access any of the files. Next, the malicious attacker demands some ransom. The files of the victim only get access if they pay the said amount to the attacker. 

Infected files can only be recovered by using the decryption key, which only the attacker has. After the initial attack, the ransomware tries to spread to other devices which are attached to the system. Ransomware can spread to shared devices, shared drives, servers, and other accessible systems. 

Ransomware risk in a nutshell:

Once infected, the attacker usually gives a fixed period to hand over the ransom. If the conditions and time frame are not met, all your data can be deleted. Therefore, ransomware is a big nightmare for IT administrators if not properly prepared.

Ransomware and threat to SME’s:

SME’s face the greatest threat as they have multiple devices connected as a network. If any system within your SME’s is compromised by ransomware, it can spread throughout the whole network and encrypt all files. This can cause the business activities to halt, causing your company a big loss. Not only will your company lose important files, but also customers due to downtime. If not properly prepared, it can result in the permanent loss of crucial data.

How Ransomware breaches?

One of the most common ways is a phishing email. Any employee can mistakenly download an attachment file from a legitimate-looking email that can launch the ransomware program. Downloading legitimate-looking software from the web can also be hidden ransomware. Other ways include breaching through fake advertisements and even removable USB sticks.

“To keep pace with today’s dynamic and increasingly sophisticated cyber threat environment, the Federal Government must take decisive steps to modernize its approach to cybersecurity… The Federal Government must adopt security best practices; advance toward Zero Trust Architecture; accelerate movement to secure cloud services… and invest in both technology and personnel to match these modernization goals.”

– Joe Biden

Solutions for Businesses

Guide your employees:

Warn all your employees to not download any suspicious-looking files on their system. Inform them to thoroughly read an email and look at the sender’s email before downloading anything attached to it. 

Security patches:

Keep your servers updated with the latest security patches. Install regular updates to stay up to date with the latest antivirus. Keep your OS updated as well.

Backup:

This is one of the most effective ways to handle ransomware attacks. In addition, having a backup solution ready is a great business continuity tool.

You can choose three backups depending on your companies’ needs—onsite, offsite, and cloud-based. 

Onsite backups involve storing copies of your data locally on hard disks and servers inside your company premise. These backups are easy to configure, and accessing data from them is very fast. Again, the low cost makes them the first choice.

Offsite backups are backups that are stored away from your companies’ geographic location. The data can be stored on multiple servers at different locations at a time. You must choose to encrypt data before sending it to the remote server. This involves a fee, and disaster recovery is slow compared to onsite.

Finally, cloud solutions are also viable where you can regularly sync your companies’ data with the cloud server. Instead of buying hardware, you can just pay a small fee to use SaaS for your backups.