What is a ransomware attack?
A large proportion of the working people have been working from home for the past two years. This means a large part of the business conversations and activities took place online. While this way of working had positive effects, it also opened the door for data leaks and cybercrime. In this article we’ll tell you everything about ransomware, what it is, how it works and what you can do against it.
What is malware?
Malware is an umbrella term for software like viruses, spyware, and Trojan horses. Malware usually ends up on a computer or network when employees click on a link or document that contains this software. Because many organizations’ work traffic has been from home in recent years, we are seeing an increase in malware attacks.
What is ransomware?
Ransomware is a form of malware. This form of malware ensures that people within the organization can no longer access important documents or processes that are essential to keep the organization running. Often a large ransom is demanded from the organization to regain access, hence the name. Here are some more types of ransomware that hackers can use:
- Screen locker ransomware: A form of ransomware that blocks the access to your screen.
- PIN locker ransomware: This one changes the pin code of your device, so you can no longer log in.
- Disk coding ransomware: This form of ransomware encrypts the Master Boot Record and other (file) system structures. As a result, you no longer have access to the operating system. As a result, you no longer have access to the operating system.
- Crypto ransomware: This is a pesky type of ransomware because it encrypts all user files on the disk.
What to do when a ransomware attack occurs?
Ransomware attacks have also been on the rise in 2022. According to research by cybersecurity expert Acronis global damage from ransomware is estimated to exceed $30 billion by 2023. If you must deal with a ransomware attack yourself, take the following steps:
- The first rule in case of a ransomware attack is to never pay ransom. This will only add fuel to the fire. Cybercriminals will see you as an easy target and will have extra reason to carry out more attacks. Remember: these hackers are criminals! You have no guarantee that they will hold up their end of the bargain.
- Is only one computer or device within the corporate network affected by a ransomware attack? Isolate this device immediately! You can do this by disconnecting the network connection.
- Encrypted files can be ‘decrypted’ with recovery programs, also known as decryptors No decryptor available? In that case backups are the only way to get files back. Make sure you regularly make backups of your documents.
- When a ransomware attack only encrypts specific files involving personal data, then it is officially seen as a data breach. You have to report this to the Data Protection Authority within 72 hours.
- We’ve mentioned it quite a lot, but it can’t be repeated too often: Make sure that existing software, applications, and devices are always up to date. That also means the operating system!
How to protect your organization from ransomware?
Unfortunately, it’s impossible to completely rule out a ransomware attack. The right security software and security measurements, however, go a long way. The most important aspect on how to survive a ransomware attack is timing. The earlier you intervene, the better. The above tips help detect and combat an attack early. We’d like to emphasise it once more: regular backups will significantly reduce the impact of a ransomware attack!
Want to know more about the impact of ransomware attacks on your company or how you can better protect important data against cybercriminals? Please contact one of our experts. We are happy to help!