What is Ransomware? Ransomware is a special kind of malware that works by limiting or effectively preventing users from gaining access to their computer system by either locking access to important files or locking a user’s computer screen [by changing login details] until a certain pre-defined ransom amount is paid.
In the past, you’d have been able to keep yourself safe from these kinds of hacks by having regular backups and then activating a system restore from a recent restore point. Hackers have however become smarter themselves and regularly target the backup as well. This potentially leaves a user with very little way out and most people end up paying for a decryption key that will allow them to use view and use their files again.
How does one contract Ransomware? Quite easily actually. The fastest way to contract Ransomware is to click on a suspect link, flashy ad banner that invites you to download swanky new software, either sent on email or on dubious websites that have links to download the malware hanging around.
Ransomware in itself isn’t an old phenomenon though; It has been around for barely 5 years but is already wreaking havoc worth millions of dollars in the corporate scene.
You may be asking yourself how exactly it does that. Well, allow me to explain:
Imagine you’re in a corporate office and are involved in gathering important data for clients that allows them to make data-biased decisions such as financial decisions based on trends from mined data like in a financial management office. Then, one day, one of the staff there gets an email attachment from a Nigerian orphan who wants to share his immense wealth within the next few days. Such emails prompt for one to download an attached file, fill in the details and send back the file with personal and bank account info.
Another way I’ve seen it happening is when a user is trying to download a file like a new song off the internet. So, as soon as they’ve found a possible mp3 file download site, a bright flashing banner appears asking them to download an app that will help download that and newer songs much faster.
Once one hits the download button, the file is stored on the personal PC and executes itself thereby starting the encryption process on the user’s files. Some even go as far as spreading on an office network to encrypt files on multiple PCs and servers. Now in the scenario I spoke of above [RE: Financial management], just the idea of re-doing all the necessary research and due diligence is a painstaking to say the least. One then is forced to contact the creator of the malware to ask them what it will take to decrypt their files.
Feeding off frustration and fear, they Ransomware creators rarely ever make contact until they’re sure the user, and normally their entire firm, is on the verge of madness. They then make demands to be paid frivolous amounts of cash to decrypt often leaving very little room for negotiation.
In March of 2016 alone, companies suffered over 56,000 Ransomware infections in the corporate setup. This is just in one month of the year. There has been a steady increase of such attacks in the past year and the number increased 3 fold by end of 2016 affecting one in every 5 business globally.
How do you then keep yourself safe?
This is where Mimecast comes in.The Mimecast Secure Email Gateway uses sophisticated, multi-layered detection engines and intelligence to protect email data and employees from malware, spam, phishing, and targeted attacks 100% from the cloud. Mimecast’s solution protects users and their inboxes [and PC data] by:
- Targeting threat protection with URL, Attachment, and Impersonation Protect
- Multi-layered malware and spam protection
- Secure messaging and encryption
- Data leak prevention
- Secure large‑file sharing