Ransomware is a malware that will either disable access to your data or threaten to publish it. They hold you at ransom unless money is paid off.
The data is encrypted using a key the hacker possesses. Without this the data cannot be decrypted.
Ransomware can be downloaded onto systems when unwitting users visit malicious or compromised websites or opening infected files via emails etc.
According to one report there were around 623 million ransomware attacks in 2021.
The global average cost to remediate a ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity and ransom paid) is estimated to be $761,106.
While security of the network and systems can be improved using the standard security measure.
Solutions against ransomware.
The best and ultimate way to safeguard is with backups. But ransomware also attacks backup locations and would attempt to delete these. Hence it’s important to have
- offline locations of backups
- Cloud storage with permissions in such a way that it can create backups but not modify or delete existing backups.
Other helpful bits one can do.
- Applying regular security updates can mitigate vulnerabilities.
- Keeping critical systems away from the network of other systems
- Having a good cyber hygiene policy which includes caution on opening files from unknown senders in email etc.
Immediate thing you can do if you suspect a ransomware attack is to disconnect your suspected infected systems from your network and internet to help prevent spread.