What is Ransomware?
Ransomware has been a popular method for cyber-criminals for several years but has become more widely known since high-profile attacks have propelled it into the news. WannaCry hit the NHS in early 2017, bringing the system to a standstill, disrupting hospital and GP appointments.
Ransomware is a type of malware that cyber-criminals use to lock or encrypt files on a computer, making them inaccessible to users. They then demand a ransom in exchange for decrypting the data and giving you access to it again.
Hackers will usually enter your computer system through email attachments, vulnerabilities in your systems or malicious websites.
What should you do if you’re attacked?
It’s always worth getting help from the authorities or from your IT department if you have one. They will help you identify exactly what’s been encrypted and what the next best step is.
If you’re hit with an attack, no matter how you respond, you need to make sure you’re better protected in future. This could mean getting better cyber-security advice or software.
It’s also really important that you’re educating your employees about the dangers so that they’re wary and can spot dodgy emails in the future.
The government is actually fining companies who don’t take the proper precautions and end up losing data, particularly if it’s customer data. So as well as the ransomware, you could face fines from the government too if you’re not careful.
Reasons why you shouldn’t pay
Whether you pay or not is up to you, but it’s recommended by the authorities that you don’t for the reasons below.
You have no guarantee
You have absolutely no guarantee that you’ll get your data back. Plenty of attackers will release your data once you’ve paid, but there’s no reason why you should trust their word. Some will either delete your data anyway or just ask for more money.
You’ll show them you can pay
As soon as you agree to pay, some cyber-criminals will go one step further and increase the amount they’re asking for. You could end up trapped in a cycle of paying for something that moves further and further away because they know they’ve got you.
Even if they do hand over the data after you pay once, there’s nothing stopping them from targeting you again, knowing that you’ll probably pay up again.
You’re also likely to get a reputation in the cyber-crime world as a business with easy pickings. As soon as word spreads you may end up targeted by several different criminals.
You’re funding the cyber-crime world
Any money that you hand over is probably not going to end up anywhere good. A lot of cyber-criminals don’t work alone but within a network of like-minded criminals. Paying up keeps these networks going and well-funded. Their techniques and skills will probably only get more sophisticated.
It encourages more people
Like with anything, if people see there’s money in it, it’ll only encourage more people to try it. This leads to bigger networks that are more sophisticated and harder to track and shut down. More companies are being attacked these days because it’s a growing community. Hackers that operate in a network simply learn from each other and improve their lines of attack.
Back up your data
While having any data stolen can have a devastating impact on a business, you might be able to lessen the effects if you have the data backed up somewhere the criminal hasn’t accessed. This means you won’t necessarily be held to ransom to get it back, though this depends on the nature of the data.
Have you ever been a victim of ransomware? Would you ever pay up? Let us know what you think.