A Simple Definition of Ransomware:
Ransomware is a type of malware; software that is designed to cause disruption. Ransomware in particular prevents or limits a user or an entire organisation from accessing their IT systems or network. This could simply be by locking the screen or by locking data until a ransom is paid.
How does ransomware get on your computer?
Ransomware is most commonly spread through phishing emails. Emails are sent to inboxes impersonating a company or sometimes targeted to appear from a colleague.
The email will contain unsafe links or files that once opened, will download and install malware without the user’s knowledge.
How to respond to a ransomware attack:
If your network has been compromised, the cost could be significant. It’s not just about the sum of the ransom being demanded, but the company time lost whilst unable to access your data. Not to mention the fact that paying the ransom puts you on an easy target list. Here’s how to respond:
- Containment – Once you are aware something is happening, you need to stop it from spreading. Shut down your IT systems if required.
- Analysis and review – Check backup consistency, do this early so you know you can recover.
- Eradication – Ensure the threat actor has been removed from systems.
- Recovery – Engage your recovery plan. Restore the systems you need and check again for threat actor activity before going live again.
- Review – Learn from what happened. What can you do to stop it in the first place and what can you do to recover in a better way.
How to prevent an attack from happening:
- Check out our Cyber Score! * shameless plug *. But seriously, Cyber Score is a great way to assess how secure your business is from cyber threats. Give it a go.
- Keep your systems up to date. We know that random updates popping up can interrupt your day, but it’s best to do them as soon as possible to stay secure.
- Use good security tools – we can recommend some if needed.
- Move to a zero-trust model. Zero trust is a strategy that involves both employee attitude and security policies on devices. Question everything you do and restrict access to data and applications. Want to know more? We’ve put together another insight on this here.
- Have a good backup and test it regularly!