|How does ransomware get into the network?|
Cybercriminals operate more effectively than ever now. The most common vehicle for ransomware attacks today are email and compromised websites.
One email is all it takes.
We’ve all become so used to email as the major form of business communication, that getting someone to click a link is easier than ABC. Ransomware attacks come disguised as legitimate emails that can trick your employees into clicking through to an infected website or opening an infected attachment. Unfortunately, cybercriminals have gotten really good at faking internal emails, external communications from stakeholders, and seemingly genuine inquiries from customers. They’ll often conceal their ransomware in normal attachments like invoices and reports in Office docs, as well as, PDFs.
Infected websites aren’t always obvious.
Cybercriminals will infect any web page they can, which is why less reputable sites should be avoided. But it’s not just about making sure you and your employees stick to suitable sites, mainstream websites can also carry ransomware infections ready to spread to all visitors. It’s happened before – websites like The New York Times, BBC and MSN have accidentally exposed thousands of web visitors when their infected site showed malicious ads in the past.
What happens during an attack?
As soon as ransomware is in the door, it immediately scans local and connected drives (including connected backups) and encrypts thousands of files. Within minutes, everything from Office files to multimedia is locked up, inaccessible to all users – even administrators. Then a notification appears demanding a ransom to unlock the files and displays instructions on how to pay it. At this point, many businesses are on hold until the situation can be resolved. Typical resolutions can include: restoring from safe, external backups; wiping the entire system and starting again; or paying the ransom and learning a hard lesson in data security. Educate you and your employees on how to best avoid ransomware attacks by contacting your IT partner today!
Contact us today at (509) 433-7606 or email us at info to help secure your business’s from ransomware attacks.