Can you prevent Ransomware infections?
June 14th, 2021
Ransomware is a high‐alert threat to businesses. With this being a hot topic in the news (e.g., the Colonial Pipeline attack) and a threat to defend against, here’s information to help you protect your business.
What is ransomware?
Ransomware is a type of malware that hackers use to infect computers and encrypt computer files – until a ransom is paid. After the initial infection, ransomware will attempt to spread to connected systems on a network, including shared storage drives and other accessible computers.
If the hacker’s ransom demands are not met (if the victim does not pay the ransom), the files or encrypted data will usually remain encrypted and unavailable to the victim. Even after a ransom has been paid to unlock encrypted files, hackers will often demand additional payments, delete a victim’s data, refuse to decrypt the data, or decline to provide a working decryption key to restore the victim’s access. Hackers may also threaten to post, or actually do post, select samples of confidential data in an effort to coerce payment.
How is ransomware delivered?
Ransomware is commonly delivered through phishing emails or by visiting compromised websites.
Should a ransom be paid?
The U.S. Federal Government does not support paying ransom demands. Please remember, you are dealing with criminals and you cannot trust that they are going to release your data; therefore, it is not recommended to pay a ransom. If you are aware of a ransomware infection, the FBI is looking for your help in reporting and tracking these issues – please visit www.ic3.gov
What can you do to prevent ransomware infections?
- Use caution with links and when entering websites. Be careful when clicking directly on links in emails, even if the sender appears to be someone you know. Attempt to independently verify website addresses. BEFORE you click on a link, hover over it to verify that it is taking you where it says it will. Malicious website addresses often appear almost identical to legitimate sites, frequently using a slight variation in spelling or a different domain (e.g., .com instead of .net).
- Open attachments with caution. Be wary of opening email attachments, even from senders you think you know, particularly when unexpected or when attachments are compressed files or ZIP files ([filename].zip, or [filename].winzip).
- Keep your information safe. Your password information should never be shared with anyone. If you believe that your information has become compromised, contact your information security resource specialist.
- Verify email senders. If you are unsure whether or not an email is legitimate, try to verify the email by contacting the sender directly via phone or email in a new and separate email thread. Do not call a phone number or use the email address within the original email. Use contact information already known to you or verified from a source of authority. Do not click on any links in the email.
Keep yourself informed about recent cybersecurity threats. Do your part - #BeCyberSmart