An explanation of ransomware
In this video, Informa TechTarget customer success specialist Ben Clossey explains how ransomware harms organizations and how to stop it
Your computer is the hostage, and you're the victim.
Ransomware is a form of cyber ransom, where malware locks access to a device until the attacker receives a ransom payment. These financially motivated attacks can be devastating to individuals, businesses and even entire countries -- and they're becoming more common.
Here, we'll talk about different types of ransomware attacks and how to prevent them.
There are several different types of ransomware, with the most common being locker and crypto ransomware.
Locker ransomware uses software techniques like screen lock or input blocking to completely lock a user out of their computer until a payment is made. While lockers deny users access to their system and files, the data is not encrypted.
With crypto ransomware, attackers use cryptographic algorithms to encrypt all data on a device. While the end-user may have access to their files, they're unreadable unless they receive the decryption key in exchange for the ransom payment.
Keep in mind that payment doesn't guarantee release of the device or data. On top of that, some ransomware attacks may also threaten to leak information if the ransom isn't met.
Ransomware attacks frequently target industries like critical infrastructure, education and healthcare, but no organization is completely immune. The impact of these attacks can range anywhere from a minor inconvenience to major devastation, depending on the sophistication of the attack. Potential consequences include the following:
- Damaged business reputation.
- Financial loss.
- Loss of customer trust and loyalty.
- Lowered employee morale.
- And increased likelihood of future attacks.
Say it happens to you. You might be wondering, "Should I pay the ransom, or should I refuse?" Most experts discourage victims from paying ransoms, arguing that it encourages attacks and can cause future legal issues. However, some businesses do choose to pay in order to regain access to their data faster.
That said, prevention is key. Therefore, businesses should consider the following steps to minimize damage:
- Use advanced security controls. While basic cybersecurity controls can detect common ransomware attacks, advanced tools like zero-trust security, Secure Access Service Edge and security information and event management are more effective at uncovering novel and sophisticated attacks.
- Backup data regularly. Critical data backups can effectively thwart a ransomware attack, allowing organizations to restore operations without meeting ransom demands. Just make sure the backup is isolated from the primary IT environment -- like offline or in a separate network -- to prevent it from also being compromised.
- Security awareness training. Employee education is crucial in preventing ransomware. Training should cover the specifics of ransomware attacks, how to avoid falling victim and what employees should do if they suspect an attack is underway.
Have you experienced a ransomware attack? How did you respond? Share your experience in the comments, and remember to like and subscribe, too.
Tommy Everson is an assistant editor for video content at Informa TechTarget. He assists in content creation for TechTarget's YouTube channel and TikTok page.