As noted by one well-known commentator in the cybersecurity space, Graham Cluley, “Online extortion – whether it be by ransomware encrypting victims’ files and locking up computers, or demanding payment to stop blasting websites offline through denial-of-service attacks – is surging and only likely to get worse in the next six months. Unless companies take steps now to reduce the risks with a layered defence and recovery procedures they may find themselves struggling to cope.” (Source: “Cyber criminals turn to ransomware as victims pay out,” ITProPortal, January 26, 2016). The problem with ransomware today is that it is insidious. What is ransomware? Ransomware is a variant of malware that encrypts your files or even your network until you pay the attacker a “ransom” (most likely, in untraceable bitcoin).
Underneath the rubric of ransomware are other variants of malware that might steal your data. Thereafter, you might receive an email from an attacker demanding payment in exchange for the return of your data. Unless payment is received, the attacker may post your data (say, your limited partner information, which might include highly confidential information) on a public website so everyone can see it. Faced with reputational issues, the firm involved might decide to pay the ransom. Of course, this is fine until three months later, when the attacker comes back, steals further information and then doubles or triples the ransom.
From a “how do they do it” perspective, most attackers spread ransomware through socially engineered spearphishing, where an unsuspecting employee gets a very authentic-looking email from their bank, their gym or even a “co-worker” asking them to click on the attached file (which ends up being laced with malware). Other ransomware variants start from a distributed denial-of-service attack, which distracts IT and others in the firm while the attackers enter through a backdoor and spread the malware on the network. Sneaky, but efficient. It usually works.
What can be done to avoid or minimize these risks?