Ransomware attacks continue to be in the news, impacting businesses of various sizes and industries. The US government reports that from 2019 through 2020, ransomware attacks cost companies over a billion dollars, and that number continues to climb in 2021.

What exactly is malware, and what can you do to prevent an attack? In the August Security Awareness News, we take a look at malware, including:

  • What is malware?
  • Preventing malware infections
  • What everyone needs to know about ransomware

What is Malware & What is it Capable of?
Short for malicious software, malware is an umbrella term covering various types of harmful computer programs and viruses used by cybercriminals for harmful purposes. While the intentions of cybercriminals vary, here are just a few examples of malware’s capabilities:

  • Stealing confidential data
    • Some forms of malware give attackers access to confidential data, while others log keystrokes to steal passwords or monitor an individual’s computer.
  • Encrypting data
    • This is ransomware. Ransomware is a dangerous infection that encrypts data or systems, locking out the victims until a ransom is paid.
  • Disrupting services
    • Unsecured smart devices allow attackers to create botnets, which are collections of compromised internet-connected devices. Botnets are used to perform distributed denial-of-service (DDoS) attacks, which flood internet services with more traffic than they can handle, causing widespread internet outages.

Preventing Malware Infections
Avoiding malware infections is easy, both at work and at home. Here are five ways to keep a healthy system:

  1. Don’t get phished
    • Most malware infections are spread through malicious links and attachments. Be sure to carefully inspect messages for warning signs like bad grammar, threatening language, a sense of urgency, and unexpected attachments.
  2. Beware of removable media
    • USB flash drives represent an easy attack vector. Cybercriminals hope to leverage someone’s curiosity by planting malicious flash drives around organizations and public areas. When the drive is plugged in, it can launch and install malware on the victim’s computer.
  3. Utilize security tools
    • All devices should have antivirus and anti-malware services running in the background.
  4. Protect your Internet of Things (IoT)
    • We live in a connected world of smart homes, smart electronics, and smart cars. This is known as the Internet of Things, and it ushers in major security and privacy concerns. Protect your IoT with strong passwords, and thoroughly research products before adding them to your network. Disable the internet connection of any devices that you don’t regularly use.
  5. Stay updated
    • At work, follow organizational policies for software and firmware updates. At home, consider enabling automatic updates for computers and smart devices so you never miss a critical security patch.

What Everyone Needs to Know About Ransomware

  • Time is expensive
    • Beyond paying large sums of money for decryption keys (the code that reverses encryption after payout), downtime for any organization can be prohibitively expensive. Furthermore, most attacks give the victim a specific date by which the ransom must be paid. Miss that deadline and the data will be destroyed, leaked online, or the price of the ransom will be significantly increased.
  • More than money
    • Forget about financials for a second. Ransomware becomes life-threatening when it hits hospitals and creates emergency situations, and can also create emergency circumstances within critical infrastructures like fuel supplies and electrical grids. Such attacks highlight the dangerous impact ransomware has on society as a whole and not just organizations.
  • At your service
    • It’s scary to think about the sophistication of some ransomware variants. But what’s even scarier is that you don’t need to be a highly experienced coder to launch these attacks. Some ransomware authors sell their software, including instructions on how to use it, to other cybercriminals. This is called ransomware-as-a-service or RaaS. It’s essentially a subscription-based model that offers an easy payday for novice criminal hackers.
  • Paying is risky
    • Paying a ransom creates a series of problems:
      • There’s no guarantee the criminals will provide decryption keys.
      • Even when the keys are provided, decrypting locked data can be an extremely slow process.
      • Paying the ransom makes the victim an even bigger target because the attackers know they’re likely to get paid for future attacks.
  • Data backups can’t solve everything
    • Restoring systems from data backups can be incredibly time-consuming, sometimes even slower than using decryption keys. Worse yet, if the data backups haven’t been isolated from a network, sophisticated ransomware campaigns may attack the data backups first and then move on to the main networks.

You can avoid these problems by staying alert, thinking before clicking, and always following organizational policies. Need more information? We are here to help!