< Back to Insights
Bitcoin payment via ranswomware | Informer. Vulnerability scanner

QUICK GUIDE: understanding ransomware

Ransomware stories are familiar features in news stories. But, what exactly is ransomware and how can you avoid becoming a victim?

In short, ransomware is a form of malicious software that threatens to publish a victim’s data or block access to it unless a ransom is paid to recover it.

Who are the victims?

Anyone can be a victim.

  • Individuals
  • Businesses
  • Government agencies
  • Academic institutions
  • Law enforcement agencies

How does it work?

Attackers can spread malicious software through email attachments, infected external storage devices and websites that have been compromised.

Unlike most cyberattacks the victim is notified and is supplied with instructions on how to recover their data. Attackers develop ransom cryptware to encrypt files using a private key that only they have access to. Victims are then told if they do not pay a sum of money by a certain time the key required to access their data will be destroyed. 

Typical ransoms are around £300, but varies drastically.

Victims may also be tricked into thinking they are part of an inquiry, such as from Microsoft or a Police force. They’re informed that they have illegal content on their computer and need to pay a fine.

Other forms of ransomware attacks include attackers encrypting files on a computer and trying to sell software, such as fake antivirus, that promises to help victims unlock their data and prevent future attacks.

Attackers may also lock a computer and deny a victim access to their data until the ransom is paid or they may threaten to expose data to the general public.

Bitcoin is the most popular form of ransom payment as it prevents the attacker from being tracked. Although they can be identified once they retrieve the money.

If I pay, will I get my data back?

We recommend that you never pay the ransom. You will be funding criminals and you are never guaranteed that your data could be recovered. 

If you do pay, how do you know that you have locked them out of your computer and that they could never return? 

They may have installed malware that always gives them access to your computer. We’re aware of businesses that have paid and were not able to recover their data.

How can you defend yourself?

Unfortunately, ransomware is nearly impossible to stop. However, there are some steps you can take:

  • Keep a backup of files
  • Keep your antivirus software updated
  • Ensure operating systems are updated
  • Don’t open suspicious attachments
  • Train staff in security awareness

Informer offers security training so you can stay up to date with threats and help protect your business. 

Get in touch to see how we can help.

After the Wannacry ransomware attack - famed for affecting the NHS - Informer founder, Marios, gave advice on how to protect yourself to Radio 1 listeners.


More from

security trends

5 Tips to scale your cyber security

Learn how to adapt your cyber security program as your business and online environments grow.

Read Article >

COVID-19 Impact: Financial services cyber security programs

2020 has seen a sharp increase in cyber security attacks increasing by 33% between January and March.

Read Article >

How machine learning is used in cyber attacks

Machine learning is not only utilised by security professionals, but by adversaries with malicious intent. How are they using this to improve their cyber attacks?

Read Article >