Ransomware is an ever-growing problem, affecting thousands of businesses every day. According to the Kaspersky Security Bulletin, a firm is hit with Ransomware every 40 seconds. Even when you think you may have outsmarted an attacker, new variants of ransomware and tactics to attack arise and lock your files away for ransom. Because of this, ransomware is not likely to see a downward trend anytime soon; with more attacks imminent, how can you avoid exposure?
How can my system be infected?:
1. Email links or attachments
One of the most common ways that companies become infected with Ransomware is through viral email attachments or links. Employees should be reminded not to open emails from unknown sources or click on any suspicious links or attachments. It's also important not to forward infected emails. If there is ever a concern with an email, the best thing to do is to delete it and contact your IT security team.
2. Vulnerabilities of your browser, operating system or software installed.
How many of us see that our computer needs to restart to complete updates and instead of hitting the "restart now" button we click "postpone"? Though keeping your systems and software up-to-date seems like a no brainer, many people avoid installing updates until it is too late. Ransomware preys on the vulnerabilities of out-of-date software. To avoid suspecting your files to an attack keep your devices as up-to-date as possible
3. Skype or any other messengers that may distribute infecting links
Programs that we use on a daily basis may open us up to the threat of Ransomware. Messaging platforms, like Skype, can distribute infected links via chat rooms. It is important that you don't open links from unknown users.
4. Downloading/running untrusted software
Files downloaded from the internet are at a higher risk of containing Ransomware viruses. Do not download and run unknown software from the internet on your computer. If you need to download something and you are unsure if it is safe, consult your IT security team.
5. Visiting untrusted sites (torrents, cracked software)
You were trying to catch the latest episode of Grey's Anatomy on an untrusted site, and next thing you know you are infected with a Ransomware virus. One of the easiest ways to open yourself up to Ransomware is by torrenting files or using cracked software. You may think "I do it all the time, it won't happen to me," but from what we know about Ransomware, it is no longer a matter of IF you will get infected, but WHEN.
Common infection approaches:
1. Any embedded executable or script files
Ransomware can infect your systems through embedding files on your systems that contain a virus. If you are in a position where you control executable or script files for your company, make sure that you know where they have come from and if they are secure before you embed them.
2. MS office documents
It may sound bizarre, however Microsoft Office files can contain ransomware viruses. These are easy to accidentally download and open on your machine; this goes back to the best practice of not opening attachments and files from sources you don't completely trust.
3. Found USBs
In areas where USB drives have been left around college campuses, studies have found over 50% were eventually plugged into a student's computer. This is definitely a case in which curiosity can kill the cat; plugging an unknown USB drive into your device is a leading infection method for ransomware. As a rule of thumb, never plug a USB drive into your device unless you know with full certainty what is on the drive, or where it came from.
The Bottom Line
Methods of attack are always changing to adapt to new and old vulnerabilities. It is important to stay vigilant and maintain your systems integrity to the best of your ability. The best way to protect your business and yourself from the effects of Ransomware is to ensure that you have multiple copies of your data backed up in a secure location. Implementing a Disaster Recovery plan is also a good idea. Ransomware has become a lucrative business for cyber criminals and it shows no sign of dying off soon.