What Is Ransomware? | How Does Ransomware Work? | Telehouse

What Is Ransomware?

Whether you have either heard of ransomware and wondered how it works or the term is completely new to you, it's definitely a good idea to understand the potential impact of this dangerous form of malware on your business.
 
Accounting for almost two thirds of email-based attacks in Q3 of 2017, ransomware is fast taking its place among the most dominant forms of cyber-crime. A recent high-profile example of a ransomware attack was carried out on NHS hospitals by WannaCry in May 2017. The malware, which affected over a third of NHS trusts, resulted in more than 6,900 appointment cancellations, costing around £180,000 in emergency security measures alone – and probably millions of pounds in total.
 
In this introductory article, we'll explain what ransomware is, how it works and share a few measures you can take to keep your company's data safe.
 

What is ransomware?

 
Ransomware infects a user’s computer and holds the target's important files 'hostage' by encrypting them or locking the computer and refusing to release the key to the owner until a ransom is paid. While the payment of the ransom itself may already cost an organisation significant sums of money, the loss of access to key data can incur ongoing recovery costs and have far-reaching and even fatal consequences, leaving some businesses in financial ruin.
 

How does ransomware work and what types of attack are common?

 
There is a growing range of ransomware attack types, all with unique features in terms of delivery methods (which can include spoof websites, phishing emails, hacking of legitimate websites and self-propagating 'cryptoworms'), what gets encrypted, and the size of the ransom – with some demanding payment in cryptocurrencies such as Bitcoin.
 
Once the victim's files have been encrypted, payment is usually solicited via an on-screen pop-up; normally, a deadline is also given. It can be a lottery as to whether payment of the ransom is actually rewarded with a decryption key. Further payment will quite often be demanded, and sometimes nothing will happen at all.
 

How can you protect your business against ransomware?

 
If you fall victim to ransomware, most experts recommend that you do not pay the ransom as there are various ways around the encryption. Furthermore, if you regularly back up your files, you can avoid excessive damage through loss of access to data. The 3-2-1 rule can be helpful here; this refers to storing three copies of any important files across two different devices, one of which is located remotely.
 
However, taking measures to prevent an attack in the first place is the most effective way to stay safe. This can include conducting regular reviews to ensure the antivirus and internet security software you’re using is effective and keeping it up to date. Being careful about websites and emails, and the links and attachments they contain, is also essential – as is regular cyber security training for your staff.
 
Staying safe from cyber threats such as ransomware, is really about protecting an investment. If you have painstakingly built up a valuable business, your data, whether it be customer details, sensitive information or intellectual property, is probably central to its value. If you lose your grip on this data, you could find yourself waving goodbye to your business, or worse. It's vital, therefore, that you take the effective protection of your company's data seriously.
 
Telehouse offers a range of security services to help you protect your business.