How to stop the spread of ransomware attacks

/in


Join today’s leading executives online at the Data Summit on March 9th. Register here.

This article was contributed by Harman Singh, director of Cyphere.

Ransomware is currently one of the most common types of cyberattacks. It’s essential to be aware of the different variations of ransomware and how they can affect businesses, particularly small and midsized enterprises. As such, let’s outline what ransomware is, why it’s so dangerous for business owners, and identify steps that you can take to protect your company against this threat.

What is ransomware?

Ransomware is malware that infects devices and locks users out of their data or applications until a ransom is paid. This is costly for businesses because they may have to pay a large sum of money to regain access to their files. It has been revealed that some users have paid enormous fees to obtain the decryption key. The fees can range from a hundred dollars to thousands of dollars, which are typically paid to cybercriminals in bitcoin.

Examples of ransomware attacks

Some major ransomware attacks include:

WannaCry

A devastating Microsoft exploit was utilized to create a worldwide ransomware virus that infected over 250,000 systems before a kill switch was activated to stop its growth. Proofpoint assisted in locating the sample used to discover the kill switch and in analyzing the ransomware.

CryptoLocker

CryptoLocker was the first ransomware of this generation to demand Bitcoin for payment and encrypt a user’s hard drive as well as network drives. The CryptoLocker ransomware spread via an email attachment that purported to be FedEx and UPS tracking notifications. In 2014, a decryption tool became available for this malware.

NotPetya

The NotPetya ransomware attack is one of the most harmful techniques. It’s known for corrupting and encrypting the master boot record of Microsoft Windows-based systems. NotPetya is distributed via the same exploit as WannaCry to quickly spread and demand payment in bitcoin to reverse its modifications.

Bad Rabbit

Bad Rabbit was visible ransomware that employed similar code and vulnerabilities to NotPetya, spreading across Ukraine, Russia, and other countries. It primarily…

Source…