Ransomware is any type of malicious software that infects a computer and either prevents it from working as it should or prevents access to certain files until the user pays a ransom. Typically, the hackers behind the ransomware demand bitcoin—a type of digital currency that is difficult for police to trace.
Businesses of all sizes have become targets of ransomware, as it can infect not only personal computers, but also entire networks and servers.
How Ransomware Can Spread
There are many ways that ransomware can spread, including but not limited to the following:
- Visiting fake or unsafe websites
- Opening emails or email attachments from unknown sources
- Clicking on suspicious links in emails or on social media
What Ransomware Does to Your Computer
There are two main types of ransomware that can hold computer systems hostage:
- Lock-screen ransomware works by displaying a window on the computer’s lock screen that attempts to prevent access to the computer. The message on the lock screen may even claim to come from the federal government, accusing the user of violating a law and demanding a fine.
- Encryption ransomware works by keeping the computer available but encrypting certain types of files, thus making them unreadable. Cyber criminals target files that include sensitive information as that data is assumed to be of the most value. When a system is infected with encryption ransomware, a pop-up screen will instruct the user to buy a private decryption key to release the hacked data.
How to Respond
Regardless of the type of ransomware, experts recommend against paying the ransom. After all, there is no guarantee that victims will regain access to their computer, network or files after a ransom is paid. Furthermore, ransomware victims who pay the ransom may be considered repeat targets.
Instead, take the following steps:
- Report the event to your local FBI office.
- File a complaint with the Internet Crime Complaint Center.
- Restore file backups, if available.
- Contact your insurance agent to see if your organization’s insurance program covers the costs of ransom money paid and lost business.
How to Protect Your Organization
Cyber extortion from ransomware is a legitimate threat to all businesses—no matter the size. The best method of prevention is to keep confidential information and important files securely backed up in a remote location that is not connected to your main network.
Additional prevention measures to consider:
- Educate employees about ransomware and how to detect suspicious email and attachments.
- Implement a protocol for reporting incidents of ransomware and other suspicious cyber activity.
- Develop a schedule for regularly backing up sensitive business files.
- Update software across your entire organization as soon as updates are released in order to patch any security vulnerabilities that cyber criminals rely on.
- Purchase cyber liability insurance that not only helps your organization respond to threats, but can also help cover the cost of the ransom and other losses incurred as a result of cyber extortion.
As cyber criminals continue to see the value in encrypting data and restricting the access of users, ransomware will continue to grow and remain a top cyber risk. Don’t let ransomware – or any type of cyber exposure – threaten your organization. Contact First Insurance Group to ensure you have the proper coverage and the tools necessary to protect against losses from cyber attacks.