Ransomware attacks are on the rise. During the pandemic, we have seen hospital systems held for ransom, the JBS attack affecting the beef supply and the Colonial Pipeline attack causing a rush at the gas pumps, to name just a few. What can we do as employees to help prevent and mitigate these attacks?
Know the Enemy: What Is Ransomware?
Ransomware is malware that encrypts critical files and system components, rendering them unreadable and unusable. The encrypted data is held hostage and the criminal group that performed the attack demands a ransom payment to release it. When the payment is made, a unique code known as a “key” is provided to decrypt and free the data. In many recent cases, however, not only is the data held hostage, but the company and even employees are blackmailed with the threat of releasing the collected data publicly if the ransom is not paid.
Why Are These Attacks on the Rise?
Today, ransomware attacks are easy to perform and largely successful. Most attacks can also be perpetrated from the safety of countries that will not extradite or prosecute the attackers criminally. Many ransomware makers provide tools and assistance to smaller gangs, making it easier for less sophisticated criminals to perform successful attacks. And just like in the business world, some groups invest in developing their attacks and tools to attack larger organizations and even diversify their sources of revenue. If a company does not pay the ransom, the data collected — from both the company and its employees — is sold to the highest bidder. All this makes for a very lucrative criminal activity.
How Do Ransomware Attacks Work?
Ransomware attacks rely on getting initial access to a target network, and then finding, stealing and encrypting the data to ransom. Attackers gain access through:
Ø Social Engineering: This is when the attackers contact you or someone in your organization via a social media platform or over the phone to get you to either provide information that will grant them access or have you open a file that will execute malware. They often pretend to be company support personnel or a recruiter, or they may friend you over a social media platform.
Ø Phishing: This is when attackers send a specially crafted email designed to trick the recipient into…