Ransomware is a type of malicious software, also known as malware, that takes over a user’s computer and threatens to continue restricting access unless a ransom is paid. In some cases, the cyber criminal may even threaten to publish sensitive data if the ransom isn’t paid. One of the most common ways ransomware is delivered is a phishing scam. Employees receive what seems to be a trustworthy email with an attachment. If the attachment is downloaded and opened, it can infect the computer and sometimes the entire network.
In principle, once the payment is made, users will receive a decryption key and be able to access their computer or system again.
Ransomware attacks have fast become a common occurrence.
What businesses are vulnerable to ransomware attacks?
While all businesses are vulnerable, some industries are more susceptible than others. Criminals tend to target businesses based on the software the company uses, how much the data is worth (i.e. whether the business is likely to pay the ransom) and the impact of an attack.
Government institutions, energy and utility companies, academic organisations, and healthcare facilities are some of the biggest targets for ransomware attacks.
How to protect your business from ransomware attacks.
Regardless of your business, you should have a proper cyber security plan and corrective strategy to protect your business from ransomware attacks. Under GDPR, this is now a legal obligation. Without the right plan and IT support in place, if a breach occurs and it is shown that care has not been taken of the data the business holds, you could be liable to fines from the ICO.
- Back up your data – but be aware some ransomware attacks can also attack backed-up files.
- Keep the company’s operating systems up to date and install antivirus software.
- Invest in IT training or outsource your IT support.
- Staff awareness and education.
Understanding how ransomware works is vital to giving your business the best chance of preventing any potential attacks.