Ransomware attacks are occurring more and more frequently. This past week we saw global brand Garmin fall foul to what is reported to have been a ransomware attack. Garmin is relied upon by athletes and pilots across the globe and all services were down for a number of days.
What is Ransomware?
A type of malware which hackers use to infiltrate infrastructures. The hackers are then able to take devices and/or file hostage, demanding payment to release the devices/files. Ransomware can stop access to the devices and encrypt files. Hackers then make their demands to facilitate the release back to you, the owner.
Most malware works when the user clicks on a link or downloads a file. Ransomware however, in some cases can gain access without any user input. There are a number of ways that ransomware can work against businesses.
- social engineering – cyber criminals fool the user into opening an attachment or URL. This then downloads ransomware to your infrastructure
- phishing – cyber criminals pretend to be someone you trust and send an email containing a link. The link then launches the ransomware when clicked
- exploit kit – this is a type of toolkit that cyber criminals use. The kit contains code that exploits flaws within applications, devices and networks
- malvertising – cyber criminals utilise fake online adverts. The adverts contain malware links
- drive-by downloads – a drive-by download can target users in different ways. Criminals create fake security alerts, when the user clicks the button they are unwittingly authorising the download of the ransomware. Cyber criminals can also use websites to distribute the ransomware, with this technique the user does not authorise the download. A simple visit to the website in question can see the ransomware automatically downloaded to the user’s device or infrastructure
Types of Ransomware
There are two main types of Ransomware that are regularly used by cyber criminals – encrypters and lockers.
- encrypters – the most common form of Ransomware. This type of Ransomware encrypts and locks files so that they cannot be accessed. There will be a decryption key or keys to enable access to your files but this will not be released until the user meets the ransom demands.
- lockers – as you would expect from the name, these will lock you out of your device completely
To pay or not to pay
It is crucial that victims do not pay the ransom. If the attackers successfully receive their ransom, it will encourage them to strike again. On top of that, even if you do pay, who is to say that the criminal will remain true to their word and release your files / devices?
How to avoid Ransomware
As they say, prevention is better than cure. It is better to protect against attacks rather than having to deal with the consequences. If you have a robust antivirus solution, paired with practising safe internet habits, you can vastly reduce the risks.
At Proxar we are Avast Business partners and can help you to ensure you are protected. Get in touch so that we can help you to reduce the risk to your and your business.