Ransomware is malicious software that works by encrypting your computer’s documents, pictures, videos, and any other data you have stored on your computer.  The encryption method favored by most hackers who target victims with this type of attack is the utilization of a key to decrypt the now-encrypted files on your computer.

Typically, ransomware will include special instructions and a message warning you that your files have been encrypted and that you must pay a ransom typically in the form of Bitcoin to the hackers for them to provide you the key to unlock your data.

Ransomware has become more sophisticated over the years, and targets have increased drastically as ransomware has been affecting mobile devices and even Mac-based devices that have carried a reputation for being resistant to viruses, but this mostly stemmed from the fact that the Windows platform dominated the consumer market for a long time until the last decade or so. Thus, Macs are not immune to viruses, they have just stayed under the radar due to ‘security through minority’ so anti-virus should be on any device that could potentially be targeted by a hacker. To keep your data safe and prevent potential data loss, it’s necessary to take time to know how to prevent ransomware from affecting your teams’ computers and technology.

New Ransomware Variants and Targets

As the pandemic progressed and showed no signs of going away any time soon, the world began to migrate to a more online centric workspace. As a result, there has been an explosion in ransomware attacks reported.  There was an average of 139% year-over-year increase in ransomware attacks in Q3 in 2020 from Q3 in 2019.  Industries across all major business sectors reported an increase in ransomware attacks, including the education sector which saw an increase of 388% in Q3 2020 as well.

Ransomware poses an especially potent threat to businesses whose private data helps maintain their competitive edge, such as unannounced patents or technology still under development.  For example, Apple was recently targeted this month in a ransomware attack which revealed unannounced computer and iPhone designs to the public.

In many cases, restoring a backup of the lost data could prevent most damage. In these cases, however, simply restoring the data from a backup still wouldn’t prevent the damage of the hackers from leaking the stolen data.  This is why ransomware is such an effective method for cybercriminals to use against victims.

Data exfiltration is a rising part of ransomware threats.  As of Q2 2020, 50% of ransomware cases now include data exfiltration, which means that things such as usernames, passwords, and personal finance information have been stolen.  The methods that hackers are using to deploy ransomware is changing as well.

In the past, hackers would try to get a victim to click on a link using phishing techniques as a way to gain entrance to their computer.  Then, they would deploy the ransomware which would sometimes net a small ransom.  Now, hackers are choosing to methodically penetrate deeper into a victim’s network in order to try and find the most potential targets and data to encrypt.  According to the cybersecurity firm CrowdStrike, this method has become known as big game hunting.

Preventing Ransomware and Staying Secure

Preventing ransomware from affecting your computer is the safest method of stopping ransomware attacks.  This means that you and other end-users must get educated on the latest threats and techniques that bad actors are performing, take steps to spot potential vulnerabilities, and prevent them from being exploited.

Many hackers utilize phishing methods through email as a way of targeting potential victims.  Phishing emails may contain a message that looks like it came from someone you may know or could have an urgent request that requests your immediate attention.

It’s important to be able to identify possible phishing scams, report, and delete them before they can harm your computer or data.  When viewing an email, it’s always a good idea to ensure that the sender is who they say they are.  You can check the message headers at the top of an email sent to you to verify that the email being sent is indeed from a reputable source.

Be aware that it is not wise to click a hyperlink embedded in an email without ensuring it’s safe first.  Before clicking on a link, it is best to simply hover over it with your mouse cursor to reveal where the link will take you.  You should also avoid downloading any executable or compressed files attached in an email sent to you.

Make sure your computers anti-virus software is fully working and up-to-date with the latest virus definitions.

Natural Networks is a managed IT services provider, and we have worked with many clients to help with their IT security and malware prevention.  If you want to learn more about how we can help with your technology security, give us a call today.