As the world grows more reliant on data and computing power, cybersecurity is an increasing concern for every data-driven business. Modern cybercriminals and hackers use a variety of sophisticated tools and techniques capable of crippling a business, financially exploiting individuals or entire enterprises, and leaking sensitive information.
Of all the methods modern hackers employ, ransomware is one of the newest – and most worrisome trends to enter the cybersecurity conversation. If you want to help protect your organization (and yourself) from ransomware attacks, it’s important to learn more about these attacks and ways to defend against them.
How Does Ransomware Work?
As the name suggests, once ransomware takes hold of a system, it will encrypt all the files on that system and hold it for ransom, usually in the form of digital currencies such as bitcoin. A user clicks on a malicious link, allowing the ransomware to embed itself in the user’s system. Once a user takes a specific action, the ransomware activates, locking the user out of the system until they pay the ransom.
Ransomware can cause serious problems for businesses. Modern companies collect and store vast amounts of data, including customer and partner financial information, private correspondence, proprietary designs and prototype information, and employee data. If ransomware encrypts this data, a company may not be able to recover. The damage can also extend to that company’s customers and business partners as well.
One of the worst aspects of ransomware is that paying the ransom is never a guarantee that the user will recover his or her files. The hacker can do whatever he or she pleases with the user’s system once the ransomware activates. After paying the ransom, the hacker may simply delete all of the user’s data, attempt to attack other connected networks, or leak the stolen files online. This can be financially disastrous for individuals and entire companies.
New Ransomware: Spora
Of the many types of ransomware seen recently, a new program called Spora is particularly worrisome. Unlike other ransomware, Spora can perform strong offline encryption and can encrypt files without needing to contact a CnC server. CnC, also called command-and-control servers, are responsible for maintaining communications within a network. Most ransomware programs use these to encrypt files on a network, but Spora does not need one.
Spora leaves specific files in your system untouched so your computer can boot normally. This increases the likelihood that the victim will pay the ransom. Victims will sometimes shut off their systems out of panic, while the ransomware prevents it from rebooting again, effectively nullifying the chance of collecting ransom.
Some of the best ways to prevent ransomware attacks are simply best practices for safe online conduct:
- Email. Many ransomware attacks originate from malicious links in email. If you aren’t certain who sent an email, do not open it. Never download any attachments from suspicious emails, and be certain to check the return address from the sender. Some hackers will use carefully constructed email addresses to disguise themselves, so vigilance is crucial.
- Back up your data. If you back up your files, there is no reason to pay the hacker’s demands. While the hacker still has your data, you haven’t lost anything if you’re diligent about backing up your data. Many experts suggest a 3-2-1 rule: Always keep three copies of your data in at least two different locations, one of which should be remote or offline.
When ransomware infects your system, it will automatically attempt to spread to every connected drive and may attempt to hack other users’ systems on your network. The less vulnerability you have, the fewer chances ransomware will have to do damage.
- Keep programs updated. Out-of-date software and plugins are ripe targets for hackers using ransomware. An outdated piece of software can leave your system vulnerable, so make sure you’re always using the latest versions of all your applications and browser plugins.
- Regularly run virus scans. Invest in a reputable and reliable antivirus program, but don’t rely solely on automated scans. Take the time to scan your system for malicious programs on a regular basis – daily, if possible.
Keep these best practices in mind to reduce the chances of ransomware locking you out of your valuable files.