What is Ransomware?

What is Ransomware?

Cyber security is making the news headlines weekly, sometimes daily. A lot of the time we will hear that it is the major names like Talk Talk or Marks & Spencer that have suffered a data breach. It’s not that these are the only businesses being targeted, it’s just these are the only ones we are hearing about. If every business that had suffered a cyber-attack was newsworthy then we would be swamped with stories every single day.

Ransomware is just one form of cyber-attack that can severely affect your organisation, especially if you don’t know what it is or how to deal with the problem. According to research, 76% of UK adults don’t even know what ransomware is. When 54% of UK businesses have suffered a ransomware attack this is a frightening figure. We thought we would explain exactly what ransomware is and make sure you know what to do if you ever find yourself dealing with an attack.

How to spot a ransomware attack

Ransomware is a form of malware. Malware is malicious software that will cause harm to your device. Ransomware gained its name from the fact that your device’s data is taken captive and held to ransom in hope that you will pay to get your data back. Ransomware is essentially malicious code that infiltrates your computer’s system and encrypts data files. It can get on to your computer through several different channels, often malicious email attachments or links in phishing emails. Once your data has been encrypted it can lie dormant for months until you try to open one of the encrypted files. Whether it’s been dormant or it reveals itself in a few minutes, a message will appear on your device demanding a ransom payment for your files to be decrypted. Sometimes the message will appear with a deadline to make payment with the threat that the decryption key will be destroyed if you do not pay in time.

What effect does ransomware have?

By encrypting all your files, ransomware essentially grinds you to a halt. If the ransomware spreads across your network, it could grind your entire business to a halt. Think about the files that are on your computer and your colleagues’ computers. How are you able to send invoices to your clients, offer them a service and move forward and grow your business if there is no data available for you to work with? You can’t send a client an invoice if you don’t know what they need to pay for or even who they are and where to send it. Once ransomware is on your network you are immediately losing money.

How to prepare for a ransomware attack

Once a ransomware attack occurs and your data is in encrypted it’s very difficult to get it back. We recommend that you never pay the ransom. There is no guarantee that your files will be decrypted and you will probably be put on a list of people who are likely to pay up.

The best thing to do when it comes to ransomware is to be prepared in advance. If you have a good back up and disaster recovery plan in place then you should be able to recover the data that has been encrypted. A good back up and disaster recovery plan will make sure that you data is backed up with a recovery time objective (how quickly you want to get back up and running, how long you can afford to experience down time) and a recovery point objective (how often your data is backed up and how much data you are willing to lose). The other key thing with a backup and disaster recovery plan is that is needs to be tested. There is no point in waiting until an attack occurs to see if your back up actually works. You should test it regularly in the same way that you test your fire alarm. Click here for our blog on what to do in a ransomware attack.

For more information on how to prepare for ransomware then make sure you get hold of a free copy of our Ransomware Playbook which gives you tips for spotting phishing emails and steps for your IT team. If you are concerned that you are not taking the appropriate steps to protect your business from a ransomware attack then contact ACUTEC today on 01675 469020.

We're ready when you are...