When Scammers Strike – Understanding Ransomware

Posted by Rebecca Prince on May 26, 2017

ransomware blog

If you’ve been following our blog for a little while, you’ve probably noticed a trend.  We post a lot of articles about protecting your personal and financial information.  Why?  Because, we’ve seen the consequences of identity theft.  And trust us, they’re not pretty!

That brings us to today’s blog topic.  Ever heard of ransomware?  It’s not just for the movies – it’s real.  And, scammers are using it to hijack important files from businesses and individuals.  Safety guru and CEO of Stickley on Security, Jim Stickley explains more.

Chances are that you have heard of the term “ransomware” and a few of you may have even fallen victim to one of these attacks. The term “ransomware" refers to malware that is installed on a computer or mobile device and “locks” certain types of files to prevent them from being accessed. The owner of the computer or device is then notified that a certain amount of time is provided, generally 48 hours in which to pay a fee or the files will be permanently lost forever. 

To “lock” the files, the malware actually just encrypts them using one of the many available forms of encryption, making them nothing more than a garbled text file. If the victim pays the fee, a key is provided that can be used to decrypt the files. For a typical home user the fee, or as it has become known, the ransom ranges from around $99 US dollars to $250 US.  For the average person, getting back access to pictures from a wedding or family vacation or access to documents that contain important personal information, it might be worth paying the fee. In fact, several studies show that ransomware has become a billion-dollar business.  Of course, that billion dollars is not just being made $99 dollars at a time.

When criminals realized that ransomware was paying off far better than anyone could have expected, it occurred to them that if a home user was willing to pay a couple hundred dollars to access some personal photos or documents, imagine what a hospital, financial institution, or corporation would be willing to pay for important documents.  And with that simple thought, corporate attacks took off. 

According to a study produced by IBM, ransomware attacks increased by over 6000% between 2015 and 2016 and that 70% of the businesses that were attacked paid the ransom to get the data back.  What is most amazing is that of those that paid, 50% paid over $10,000 and 20% paid over $40,000.  

When you start dealing with those kinds of numbers, it’s clear to see that ransomware will not be going away any time soon. In fact, chances are that in just the next seven days, you will receive at least one email containing a ransomware attack. That’s because in 2016, over 40% of all spam email contained ransomware.  

While your desktop may have limited critical information stored on the local drive, often your computer will be networked to shared drives throughout the company. Ransomware is designed to not only attack your local hard drive, but also networked drives and even cloud storage devices. This is why it is critical that backup data is stored offline rather than on shared drives. There have been many cases where a company backed up critical systems and stored those backups on network drives, only to find they were locked, along with everything else when the ransomware attack occurred.

In addition, if you store files on your computer that are critical to business operations, it is important that you notify management and ensure that regular backups are being performed to protect that data offline.  As job positions change and new technology is added, it’s possible for some systems to be overlooked. By keeping open dialog between you and management, but information stored locally, you can ensure that if your system were to become compromised, that attack would be a minor inconvenience rather than a complete corporate shutdown.

How DuGood Can Help

As we mentioned before, protecting your personal and financial information is really important to us!  This is one of many articles we’ll be posting about ransomware, so be on the lookout for more to come.

If you’re interesting in checking out more blogs like this one, be sure to visit our Security Center.  And take a peek at our Identity Theft Protection plans for debit and credit cards.  For only a few bucks a month, you can over all of your financial accounts – not just those at DuGood.

Protect your identity.

Blog contributed by Stickley on Security

Topics: Security