By DeVry University
December 08, 2021
8 min read
December 08, 2021
8 min read
Imagine instantly losing access to all of your most sensitive information, including financial account logins, personally identifiable data and your complete medical history. Now imagine that the only way to restore access to that information is by paying a faceless cybercriminal a large amount of money without a guarantee that your data will be restored.
These scenarios represent a growing attack vector that cybercriminals use to coerce individuals and companies worldwide to meet their demands: ransomware.
This type of malware encrypts the victim’s data and demands payment to provide the decryption key. These attacks are not new, but they have increased in recent years due to the rise in operational risks associated with more employees working from home, as well as the increase in “big game hunting” of high-profile company targets.
Read on to learn more about what ransomware is, how it works and how you can protect yourself and your organization from these types of dangerous cyberattacks.
Since 1989, ransomware, in conjunction with Big Game Hunting (BGH) of high-profile cyber targets by cybercriminals, has become a growing concern for businesses and organizations of all sizes. Ransomware attackers are expanding their ransomware campaigns to include blackmail and other extortion techniques, according to the 2021 Global Threat Report by CrowdStrike.
Extortion is a tried-and-true tactic and cybercriminals infrequently get caught, making ransomware attacks devastatingly effective. Their reliance on cryptocurrencies for ransom payouts avoids traditional financial tracing, making for a “clean escape” after the damage is done. Unfortunately, the dynamic battle between ransomware targets and attackers is an ongoing "cat and mouse" situation. There is no perfect solution, only continued cyber security protocol improvements to be made.
Extortion is a tried-and-true tactic and cybercriminals infrequently get caught, making ransomware attacks devastatingly effective. Their reliance on cryptocurrencies like bitcoin for ransom payouts avoids traditional financial tracing, making for a clean escape after the damage is done. Unfortunately, the dynamic battle between ransomware targets and attackers is an ongoing cat and mouse situation. There is no perfect solution, only continued cyber security protocol improvements to be made.
Businesses and larger organizations can protect their data from ransomware targeted attacks by taking measures to increase their defensive protocols and preparing for a ransom attack. CISA shares how they can accomplish this goal with their Ransomware Prevention Guide by utilizing tips such as:
If you have up-to-date antivirus software, the program will often detect most ransomware before it has a chance to do any harm. If you are not sure whether your system has been infected, there are some signs you can look for. Many ransomware variants will create a text file with ransom notes and leave them on the victim's desktop or in one of their folders. It may also change your wallpaper with a message demanding payment for the decryption key.
Some people mistakenly think that they need to submit the payment immediately to speed up the process of restoring their system. According to the FBI, this is unwise. When ransomware victims quickly pay the ransom, cybercriminals see that their campaigns work and it encourages them to plan more attacks. Additionally, there's no guarantee that victims can trust cybercriminals not to re-attack in the future or publish stolen data even after they’ve received the ransom payment.
Instead, if you suspect that you have been a victim of a ransomware attack, a better course of action is to bring the incident to your company (if you are an employee) or cybersecurity provider (if you are a business owner) first. Together, you can work to resolve the issue, and then contact the appropriate government agencies to report the cybercrime and receive guidance.
CISA recommends following these steps if no initial mitigation actions appear possible: