Within the past month, countless city governments, corporations and individuals have fallen victim to a ransomware attack.
For example, three city governments in Florida are dealing with ransomware attacks currently.
Along with being attacked and losing their data, they are paying hundreds of thousands of dollars to get it back because they did not properly prepare for such an event.
Continuing, in order to get a better understanding of how anything can be vulnerable to this type of attack, let us break down exactly what ransomware is.
What is Ransomware?
By definition, ransomware is, “malware planted illegally in a computer or mobile device that disables its operation or access to its data until the owner or operator pays to regain control or access”.
Further, the basic breakdown of this definition is that a threat actor accesses your computer and or files, locks it down and to get it back, you must pay the ransom requested.
To many organizations and individuals, this can seem overwhelming and scary, and it should. Many think that they are not at risk for such an attack, but ransomware can attack any one.
Now, before panic ensues, several measures to prevent having to shell out your hard-earned cash to a threat actor can be put in place
How to Prepare Against a Ransomware Attack
As a professional in the cyber security field, I personally cannot put enough emphasis on backing up files. This is the number one most important step to protect yourself, organization or government body from falling victim.
The reason ransomware attacks are so detrimental to a business, for example, is because said business does not have their data backed up, and loses access to it in an attack. In order to recover what they lost, they negotiate a price with the malicious user.
Also, employees and lack of education on the matter pose a threat to a business or household regarding ransomware.
To elaborate, all three of the ransomware attacks in Florida in the last month were due to employees clicking malicious links they received in their email.
This allowed the ransomware / malware into the government network, thus allowing a malicious user in.
As a preventative measure, companies should be putting together training programs surrounding security risks such as employee negligence to facetious email and links.
One example could be reporting any suspicious looking emails to the IT department for review. This extra few seconds could make a difference of millions of dollars.
All in all, educating employees, yourself and those around you can help make a difference in preventing a ransomware attack. Even reading this article can help to educate and create awareness to ransomware attacks!
What Happens after an Attack?
The downside of all of this is that sometimes no matter what you do, malicious users find a way into your systems one way or another.
In the event that your machine becomes encrypted by ransomware, here’s a few recommendations.
Before I get into the recommendations, as a general disclaimer, every ransomware attack is unique to the target it attacks. One overall blanket statement does not fit for every situation.
This article is meant to be informative and create awareness to this type of cyber attack.
If you happen to become a victim to ransomware, contact your company’s IT department or take your machine to a trusted computer repair service.
Now, let’s take a look at what do during a ransomware attack.
To begin, if you have your data backed up, you have a good chance of restoring your device. In this case a fresh load of, for example, of Windows may be recommended. You are now able to regain control of your data without paying for it. If you are not backed up, and even if you are, having a professional look at your device is the best option.
The company I work for, Cyber Protection Group, has dealt with ransomware infected machines before and has been able to successfully remove the ransomware and restored the machine.
CPG is a great option to keep in mind if you ever find yourself in this position. (for questions regarding CPG services, please contact us here)
On a larger scale, I have seen governments pay the ransom to get their data back. Doing this sets a precedent for cyber criminals that companies and governments will do anything to get their data back. This becomes a payday for the cyber criminal and a company’s worst nightmare. Again, larger entities facing an attack should always consult with cyber security professionals.
To conclude, the main takeaway from this article is that the best way to keep your data safe from a ransomware attack is to back it up. If you only take one idea away from this article…
BACKUP YOUR FILES!
Educate employees, take caution when opening suspicious emails and ask your employer and/or government officials about cyber security measures for your work, state and country!
By Taylor Ritchey