Logo

What is Ransomware

What is Ransomware?

It is a type of malware that encrypts your device files on infection and demands a ransom to decrypt them. Some ransomware lock your screen – you are essentially locked out of your system. You get a message on your screen with the ransom amount to be paid, mostly in cryptocurrency. The attacks can be on anyone, from a large no of individual users to entire networks, though it’s only the attack on bigger organisations that make the headlines.

Ransomware worms mainly infect your computer the same way as most malware infections – through malicious links or attachments in spam or social engineering emails, through malicious sites or recently through drive-by-downloads.

The ‘warning’ messages look like real warnings from legitimate agencies like law enforcement. The message may say that your computer is suspected of illegal activity and hence locked, and a specified sum be paid to the law agency to unlock it. This usually happens with attacks on individual systems. The attacks on larger networks are more sophisticated; the worms infect as many systems and files as possible without your knowledge before the actual attack. The warnings are open demands for ransom payments in return for decryption keys for your data, failing which your data is threatened to be deleted permanently.

How can you protect your organisation from a ransomware attack?

How can you protect your organisation-Computing Australia Group

What should you do when faced with a ransomware attack?

While there are people who advocate ransom payment to get your system up quickly, we will never recommend it. For one, payment just goes to show that such malicious attacks work and encourages cybercriminals. Second, you are sending a signal that you are willing to pay – you will end up being attacked multiple times. Third, you are dealing with criminals; you can never be sure that your system will be unlocked or files decrypted once you pay the demanded sum. In fact, decryption may not be even possible many times.

So what should you do?

First, don’t panic. Panic leads to wrong decisions and can cause more harm than good. Contact your cybersecurity provider immediately. Dealing with ransomware attacks needs skill and fast response. A reputed provider will have emergency response systems in place. If you don’t have professional support or can’t get through to yours, the following steps can minimise damage, till you get an expert to support. 

Dealing with ransomware can be tricky, so if you are not sure how to proceed, it is best to get a cybersecurity specialist’s services. Remember, paying ransom will only encourage criminals with no guarantee of getting your data back. Protect your systems now. Contact us or email us at cybersecurity@computingaustralia.group to get in touch with our cybersecurity team.

Jargon Buster

Vulnerabilities – A weakness, flaw or error in software, hardware or network that can be exploited to gain unauthorised access to the system.

Drive-by-download – Downloading of malicious code without any prompts or interaction by the user. The malicious code takes advantage of OS or browsers that have not been updated.

Cryptocurrency – In simple terms, it is digital money. It is an online digital currency that is not controlled by a government.