Everyone's heard their share of horror stories by now. A user gets an email from a friend, it contains an attachment infected with malware, the user opens it and boom! their computer is encrypted, locking them out of important files forever. And it doesn't matter if they pay up or not – the bad guys have their data either way.
Well, not every piece of malware is the same, so we thought we'd share some of the more relevant terms to help build your vocab so you know just what you might be dealing with!
The Biggest Pain - Ransomware
There are several different types of ransomware, some being more destructive than others.
Stemming from the word cryptography, these attacks encrypt files so that they can only be unlocked with a private key that only the bad guys have access to. Since this encryption is extremely difficult to break, if your data hasn't been properly backed up, the only option is often to pay a ransom and hope the cyber-criminals actually unlock the data.
2013's CryptoLocker is one of the most well-known examples. It was so successful that it basically pulled a Kleenex/Band-Aid, and became the name for the entire category, sparking a wave of copycats.
Lockers take the idea from above and apply it to the entire system, preventing users from doing anything on their devices, not just accessing files. In order to gain access again, victims must pay a ransom for the bad guys to unlock their devices. Again, if your data is backed up it's best to wipe the machine and start fresh.
Like other ransomware, this form of malware encrypts data. The difference is that doxware doesn't just encrypt a user's data – it also makes a copy of everything and threatens to publish it unless the ransom is paid. Obviously a big problem if attackers get their hands on sensitive info like trade secrets or PII.
Some Others to Consider
A tactic that uses fear instead of encryption to gain compliance, scareware displays fake warning messages on the user's screen that appear official or legitimate, often posing as a government agency or an anti-virus alert.
The message may suggest the user call a phone number, allowing the attackers (posing as tech support) to gain access to the machine and cause further damage. Other times users will be instructed to pay a fine, often via some ridiculous means such as iTunes gift cards.
RaaS (Ransomware as a Service)
Some cybercriminals have launched RaaS businesses, selling customizable malware to other cybercriminals. By making their malware available for a fee, these "entrepreneurs" skip out on doing the dirty work - they're supplying shovels instead of digging the holes.
How Can You Protect Your Business From Ransomware?
There are many ways to help protect businesses from being hurt by ransomware. Here are just a few:
- Back up all critical data and test those backups
- Train employees to recognize phishing and email scams
- Use strong passwords and multi-factor authentication
- Keep software up-to-date
- Limit access to sensitive data
Ransomware is an issue that no business should take lightly. If you're not sure where to start, a reliable IT service provider should be able to help create a solid cybersecurity framework to get your business on the right track.