Understanding Ransomware Attacks

Bitcoin payment via ransomware

Last Updated on 8 June 2023 by admin

The media is no stranger to ransomware attacks, but what exactly is ransomware and how can you avoid falling victim to this form of cyber crime?

In short, ransomware is a form of malicious software that threatens to publish a victim’s data or block access to it unless a ransom is paid to recover it.

Ransomware attacks – who are the victims?

Anyone can be a victim:

  • Individuals
  • Businesses
  • Government agencies
  • Academic institutions
  • Law enforcement agencies

How do ransomware attacks work?

Attackers can spread malicious software through email attachments, infected external storage devices, and websites that have been compromised.

Unlike most cyberattacks, the victim is notified and is supplied with instructions on how to recover their data. Attackers develop ransom cryptware to encrypt files using a private key that only they have access to. Victims are then told if they do not pay a sum of money by a certain time the key required to access their data will be destroyed.

Typical ransoms are around £300, but vary drastically.

Victims may also be tricked into thinking they are part of an inquiry, such as from Microsoft or a Police force. They’re informed that they have illegal content on their computer and need to pay a fine.

Other forms of ransomware attacks include attackers encrypting files on a computer and trying to sell software, such as fake antivirus, that promises to help victims unlock their data and prevent future attacks.

Attackers may also lock a computer and deny a victim access to their data until the ransom is paid or they may threaten to expose data to the general public.

Bitcoin is the most popular form of ransom payment as it prevents the attacker from being tracked. Although they can be identified once they retrieve the money.

If I pay, will I get my data back?

We recommend that you never pay the ransom. You will be funding criminals and you are never guaranteed that your data could be recovered.

If you do pay, how do you know that you have locked them out of your computer and that they could never return?

They may have installed malware that always gives them access to your computer. Were aware of businesses that have paid and were not able to recover their data.

How can you defend yourself against a ransomware attack?

Unfortunately, ransomware is nearly impossible to stop. However, there are some steps you can take:

  • Keep a backup of files
  • Keep your antivirus software updated
  • Ensure operating systems are updated
  • Don’t open suspicious attachments
  • Train staff in security awareness

Informer offers security training so you can stay up to date with threats and help protect your business.

Get in touch to see how we can help.

After the WannaCry ransomware attack – famed for affecting the NHS – Informer founder, Marios, gave advice on how to protect yourself to Radio 1 listeners.