Ransomware: What You Need to Know

Businesses today are dependent on technology. But with the marvels of today’s computer networks, data usage, accessibility and storage comes the ever-present threat of viruses, hacking, scams and even having data “kidnapped” and held for ransom.

Jacquie Hotovec, EMC Information Security Consultant, deals with the possibility of such threats daily. She keeps EMC and its policyholders informed of the latest threats facing business technology today. Jacquie provides answers to common ransomware questions:

1. What is ransomware?

   Anyone who works on a computer or has dealt with technology has heard of or experienced a virus. They’ve also likely been exposed to the threat of personal information being stolen during a hacking encounter. Ransomware is a type of malware that goes one step further. It locks up the information on the computer system, often encrypting it so it’s inaccessible without a key. The information is, in theory, held hostage until the computer owner or business pays a ransom, generally in bitcoin or through a credit card. Unfortunately, even after paying, the information often isn’t unlocked and is never recovered.

2. How does ransomware work?

   It may begin with a phishing email, which tries to get an unsuspecting employee to click on a link or attachment that allows a scammer into the entire computer network. The email may appear to be from a trusted contact such as another business, a friend or a co-worker. Additionally, an employee may accidentally visit a fake site or download fake software updates that lead to a ransomware infiltration. Other ransomware deceptions may come from a fake pop-up message, supposedly from security software company or a tech support company.

3. Who is generally targeted by ransomware?

   Computer systems and mobile devices can be targeted. Threats are often made to companies, as the stakes may be higher, and companies might be more willing to pay for the possibility of getting their data back. However, even a solo computer can be attacked. In any case, the easier it is to get into a system, the more likely it is to be compromised.

4. How can our organization prevent ransomware?

   Be diligent each time you are on your computer. If the name of an attachment looks odd or there’s wording that does not sound quite right, don’t hesitate to question it-even if the email appears to be from a co-worker or a trusted contact. And never click on links from someone you don’t know. Other preventive steps to take include installing security updates to your computer system, keeping all software up to date and investing in good malware protection.
   The best protective measure your company can take is backing up your system frequently with the system disconnected from the internet. That way, ransomware can’t take over your backups in addition to your computer network.

5. What do we do if our data is “kidnapped” and we are asked to pay a ransom?

   This rarely turns out well. More often than not, you won’t get the encryption key after paying, so most experts advise companies not to pay. Paying also encourages ransomware to gain a foothold.