The arms race between cybercriminals and security firms has reached a fever pitch. Today end users and businesses alike are faced with the growing threat of Ransomware. This is a type of malware that locks and encrypts devices and files preventing access unless a specific amount of money (Ransom) is paid. In 2015, the FBI received roughly 2,453 complaints related to Ransomware malware attacks, which amounted to $24.1 million in losses.
Ransomware relies on social engineering to spread through infected phishing emails, attachments, or malicious content running on infected websites. Once a machine has been compromised, the malware executes and encrypts all data files. This includes local files as well as network drive file storage. After the files are encrypted, they are unrecoverable unless a “ransom” is paid to the attacker. Outside of restoring from a backup the only way to restore the data is to pay the distributor of the malware. (Whoa!)
Initially, individual home users were targeted — but the focus of these attacks has shifted, and businesses are now their primary targets. The shift of the attacks has made these Ransomware companies very profitable, and as such the problem is growing rapidly. As the malware continues to evolve and become more sophisticated, the organizations have grown and now have full time employees dedicated to developing and improving the malware. They leverage some of the most sophisticated phishing and social engineering techniques seen to date. The threat posed by Ransomware is growing and should not be underestimated by our clients.
To mitigate your risk ,the Internet Crime Complaint Center (IC3) division of the FBI recommends the following:
- Always use antivirus software and a firewall. It’s important to obtain and use antivirus software and firewalls from reputable companies. It’s also important to continually maintain both of these through automatic updates.
- Enable popup blockers. Popups are regularly used by criminals to spread malicious software. To avoid accidental clicks on or within popups, it’s best to prevent them from appearing in the first place.
- Always back up the content on your computer. If you back up, verify, and maintain offline copies of your personal and application data, ransomware scams will have limited impact on you. If you are targeted, instead of worrying about paying a ransom to get your data back, you can simply have your system wiped clean and then reload your files.
- Be skeptical. Don’t click on any emails or attachments you don’t recognize, and avoid suspicious websites altogether.
IC3 additionally says if you believe you are a victim of ransomware to file a complaint with the FBI and suggests disconnecting from the internet to avoid any further data loss if you receive a message demanding payment.