Ransomware is everywhere. From hospitals and large enterprises to small businesses and personal computers, nobody is safe. So what is this threat that is taking businesses by storm?
Ransomware is a type of malware (definition of malware) that attempts to encrypt files. All the files it encrypts becomes inaccessible without the password to the encryption which is kept secret by the hackers. At this point, a business has two options. One option is to pay the ransom (which I don’t recommend). The second option is to restore from backup (which is hopefully working). So what happens if a business can’t restore the data or pay the ransom?
That all depends on the variant of Ransomware. That’s right! If it wasn’t already bad enough, now there are millions of variants that all have their own way of dealing with businesses who can’t pay. Some variants start deleting the information while others start increasing the ransom cost. In some cases the hackers actually provide technical support via chat in order to help you through the process of paying the ransom. Worst of all is what happens after a business recovers from an attack.
Ransomware utilizes call and command servers to help execute its attacks. These same servers track the IP addresses that they were able to compromise. Hackers then use this information for future attempts as well as sell this information to other hackers. This means that when a business has been hit once it will get hit many times thereafter.
Having knowledge is half the battle. Now that you all have a better understanding of what Ransomware is you will want to know how to prevent and recover from it. Watch out for future articles where I explain just that. For now, feel free to post questions in the comments section.