What Ransomware is, and Why it is So Effective
Once Ransomware infects a device, it encrypts all the files on the device rendering them inaccessible by the victim.
- Millions1 - the number of Ransomware attacks in 2016
- 33 hours2 - the average number of hours spent recovering from a Ransomware infection
- Increasing3 - nearly every statistic surrounding Ransomware including: distribution, families, infections, spread, business attacks, demand amounts and payments
Clearly Ransomware attacks should have your attention if you own a business, work for a business, or have electronic files you care about.
Why Ransomware is So Effective
While the files still exist on the device, within minutes they are inaccessible to the user because they are stored in an encrypted state. Ransomware is extremely effective because it also encrypts:
- Locally attached USB drives, even those used as file backups
- Mapped network drives, helping it spread across the network
Since there is no guarantee a device will never be infected, or infected a second time, there are some things we should do to protect our information.
- Be cautious about the:
- Emails you open
- Attachments you open
- Files and software you download
- Websites you visit
- Links you click on
- Create secondary logins on devices when children and other family members also use them
- This is especially important for devices that are used for both personal and business functions
- Log out or lock business and personal computers when walking away
- Implement a backup system for important files
- The backup rule of 3 states to have:
- 3 copies of important files
- 2 different types of media for storage
- 1 offsite location
- Whatever type of backup system you have, be sure to test it regularly! This includes:
- Restoring random files to make sure they are intact
- Documenting the process so it is repeatable
- Knowing in advance how much time the recovery process takes
- If part of your backup system is manual, set up a reminder system so it becomes a habit
As always, using caution is a great start, but planning ahead and being prepared is critical to maintaining business continuity and normal daily functions.
Want to know more? Visit our Ransomware breakdown page.
1Information from a Malwarebytes study.
2Information from Cyberheist News Vol 6 #47 November 21, 2016.
3Information from multiple Internet searches on "Ransomware distribution".