Today we are going to be discussing ransomware. Ransomware has been in the news a lot. Just this first week of June, a major meat producer was forced to shut things down due to a ransomware attack. In May, the Colonial Pipeline that serves gas to many Eastern states was also forced to shut down due to a ransomware attack. And finally, earlier in 2021, Scripps medical network in San Diego was also targeted by hackers and forced to pay a ransom. To this day, members of that medical group still can’t access their online records. Ransomware attacks are becoming more popular. I want to talk more about it in today’s podcast episode.
What is Ransomware
Let’s start off with defining ransomware. Ransomware, as the name suggests is when you are asked to pay money in exchange for something of yours that was taken. Typically, this is very common in hostage situations or in kidnappings. In the cyber world, rather than an individual being held up for ransom, an attacker will hold your data up for ransom. A ransomware attack is pretty clever. Rather than deploying malware to destroy your computer or network, a hacker will use a ransomware attack to make money. They come into your computer, encrypt your hard drive, and then ask you to pay a ransom if you want your data back. Failure to pay the ransom typically leads to your data being made publicly available on the internet. For normal people like you and me, that might not be such a big deal, but for a corporation with millions, if not billions of dollars worth of data, it could be a HUGE deal.
At this point, you might be asking yourself, how does a ransomware attack get carried out? This attack usually starts off like any good social engineering attack. The hacker or hacker group will send out an email in a phishing attack. These emails are distributed to people that work for a company. This is important to you because if you work for someone, or are entrusted with a company computer, then you become a high value target. Most people only think about their personal devices, but if you have any computing resources from your employer, you should always be on the lookout for suspicious emails. Once you receive this email, the attempt is to make it look real enough that you click on it. When you click on it, that’s where the magic starts. Either through an attachment, or a redirect to a malicious website, the hacker will download the script that encrypts your hard drive. Once encrypted, you will not be able to access the data on the machine unless you have the decryption key. The key is simple enough to get. Pay the ransom and maybe you’ll get your stuff back. There is no guarantee that you’ll get your data back but most people and businesses can’t risk not having their data. Many pay the ransom which then further motivates hackers to carry out similar attacks because it is an easy way to make money.
Do I need to worry about Ransomware?
Ransomware is growing in popularity. It’s been around for a long time, but most recently it has really caused significant financial damage to many corporations. As a user of the internet, you should worry about ransomware. The information you have on your computer or network might not be of high financial value, but there’s two reasons why you should get smarter about ransomware. First, the data that’s on your computer is probably pictures and videos of your family. While not high on the financial side, the memories captured in those digital files are priceless to some. Losing access to your precious memories could be catastrophic. The other reason is one I discussed already. If you use an employer’s computer to conduct business, any email that comes into your mailbox whether personal or business, could be an entry way for ransomware attack. The data that your employer entrusts you with could be worth millions of dollars. If you are in this camp, you should take ransomware attacks even more seriously because you could potentially lose your job.
How can I protect myself?
Ransomware attacks sound scary, and they are. But there are a few ways to protect yourself. First, learn how to detect phishing emails. That’s probably the easiest and most effective tactic that hackers use to deploy their attacks. Next, keep a backup of all your data. If your hard drive were ever to be encrypted, you could simply restore from a backup. Having a backup means that the ransomware attack is pointless because you can just restore and come back without ever having to pay a ransom. Keeping backups can be expensive, so consider it more of an insurance policy than anything else. The last thing you can do is to monitor your network traffic. Ransomware attacks usually take time to be carried out. They sometimes remain dormant and don’t go into full effect until they are triggered by the hacker. Being able to detect an intrusion to your computer or network could help you fight the war against hackers.
There you have it, ransomware 101 guide. These attacks are extremely lucrative for hackers. They have the potential to make a lot of money and can cripple the systems that it infiltrates. Not only that, but by hacking only a small number of machines/servers, millions can be impacted. Everyone should be aware of ransomware attacks and they should do what they can to try and prevent an attack from happening. Always double check your emails and never click on anything that you didn’t solicit. The internet is a dangerous place and as long as people continue to pay the ransom, these attacks are going to continue. Be smart and stay safe online.