Ransomware is a form of malware that will lock files on a computer using encryption. Encryption converts files into another format, like a secret code and can only be decoded by a specific decryption key. It will then ask for a ransom to make the users own devices accessible.
How is ransomware distributed?
Ransomware is typically carried out by entering a system through an email attachment or a vulnerability in the network. The program then runs a payload, which locks the system (or claims to lock the system) in some way. Sophisticated payloads encrypt files, using a strong encryption algorithm to encrypt the victim's files in such a way that only the malware author has the decryption key.
How can I protect myself?
Educate your team and test them on a consistent basis. Hilltop can assist you in creating an educational guide for your staff, which will inform them about what to look for before clicking any links or accepting any files. Hilltop will also follow-up by sending “test” emails to your staff, which will then produce a report for you which shows who within your staff clicked on the link and fell for the “bait”. This will help you see how security aware your staff is.
Don’t pay the ransom
Payment is almost always the goal. The victim is pressured into paying for the ransomware to be removed. The ransomware may or may not be removed after payment. A key component in making ransomware successful for the attacker is to use a payment system that is hard to trace. There are no guarantees the ransomware will be removed, or files will be restored.
Update, update, update!!!
Update and patch systems often. Hilltop can provide a full assessment of your systems and provide a report that outlines vulnerabilities.
Back it up!
Back up your data often. Hilltop’s team of experts can suggest a backup and disaster recovery plan to ensure you keep downtime and data loss to a minimum.