Think about everything you keep on your phone or computer. Are they storing important business documents, family photos, the novel you’ve been working on for over a year? What would happen if someone was able to freeze your computer and phone and hold that information hostage until you paid them ransom? It sounds like something from a crime t.v. show, but it’s actually a very real threat to American citizens and businesses alike. This cyber crime is committed with the use of a software called ransomware.
Ransomware attacks are evolving in complexity and are on the rise. According to the FBI, Ransomware payments in 2016 totaled over $1 billion dollars. When compared to the $24 million paid in 2015 the growth rate of this crime is alarming, to put it mildly. All devices are vulnerable and more and more mobile attacks are now being reported. So what is ransomware, how do you identify it, and how can you protect yourself and your business from becoming it’s next victim?
What is Ransomware?
Ransomware is a type of malicious software, or malware, that freezes your computer or mobile device. This software blocks access to a server or mobile device, or encrypts all of the data that is stored on that machine. The encryption is unbreakable and can’t be fixed by removing the malware. Only a unique software key will unlock everything. In order to obtain this key to regain access to the data, the user needs to pay a ransom – hence the name ransomware.
The reason individuals and business are willing to pay for the encryption key is that if they don’t their personal and business files can be destroyed – leading to stolen data and ultimately financial loss. In 2016 the average ransom demand was $679 and that number is expected to grow in 2017. Kevin Haley, the director of Symantec Security Response says that the willingness of victims to pay the ransom is increasing the value of data criminals are holding. “We did a survey in the U.S. and discovered that 64% of users who got ransomware paid the ransom. People are willing to pay, so the bad guys raising the price.”
Currently individual computer users are the most likely victims of this crime because they tend to have less security in place. However, corporate systems are vulnerable as well. Last year hospitals, police departments, colleges, and companies all were targeted. With this threat becoming more common, and more expensive, the best thing you can do is start taking steps right now to protect your data today.
How do I Identify Ransomware?
When it comes to ransomware, early detection is key. Ransomware tends to target a specific individual, whether a consumer or business, with a link or attachment within an email or message that infects your computer with malware or leads you to an infected website.
There are 3 ways that ransomware can take shape:
Most ransomware is delivered via email. The email will tell you to click on a link or open an attachment. These emails are particularly nefarious because they are designed to look like they are harmless. The sender tries to appear as someone you may know or as someone relevant to your business. The message is often personalized with your name or a reference to a recent transaction. IBM found that 40% of all spam email in 2016 contained ransomware. So if you aren’t expecting an email or if seems a little fishy, the best thing you can do it delete it without opening it.
Advertisements or Pop-up Windows
Pop-up windows aren’t just a nuisance, they’re a way for ransomware to make it onto your computer. Pop-ups can be tempting because they may seem like part of the website and therefore harmless. Or they can be alarming, telling you something is wrong with your computer and they can help you fix it. Don’t fall for this! This is an easy way to give them the access they need to infect your computer or phone.
Sometimes you can unknowingly give cybercriminals easy access to your computer or phone by downloading from a questionable website. Ransomware can be present in downloadable games and file-sharing applications from the web.
How do I Prevent Ransomware?
Once you have become a victim of ransomware your options are extremely limited. The best way to protect yourself and your information is to stop ransomware before it happens. These simple steps help minimize the risk.
Update your Operating System and Apps
The new version of your operating system or app brings a lot more than cooler designs, simpler functionality, and fun new features. It also frequently brings vital security updates to ensure your devices are protected from potential viruses, malware, and other forms of cyber attack. The next time you get a prompt to update, make sure you do.
Use Antivirus Software and a Firewall
These cybersecurity tools are essential in the fight against criminals looking to ransom your information. You want an antivirus with active monitoring and then implement additional security levels to prevent an attack. Make sure they are set to update automatically to ensure you are getting the latest security updates.
Enable Pop-up Blockers
The FBI calls the method of using popup windows to infect systems “drive-by downloads.” The attackers use popup windows to send users to compromised sites. From there their malware is able to install itself. FBI experts advise people to utilize pop-up blockers to help filter out a lot of potential attacks while they are browsing the web.
Email phishing scams are one of the easiest ways for cyber criminals to gain access to your computer. Be cautious when opening emails or attachments you don’t recognize, even if the message comes from someone in your contact list.
Downloading from a compromised site is an easy way for cyber criminals to receive the access they need to install malware on your computer. Be wary of visiting or downloading software from websites that are unfamiliar. Only download software from sites you know and trust.
Back up Your Files
Don’t risk important losing important documents or precious memories. This won’t stop ransomware from occurring but backing up your files can provide you with the comfort of knowing that if your computer or phone is infected, you won’t lose everything. Be sure to regularly back up your files to a cloud service or an external hard drive to ensure that your information remains accessible regardless of an attack.
Alert Your Local Law Enforcement Agency
As soon as you encounter a potential attack, contact your local police immediately. They can assist in investigating and notifying other agencies to prevent future attacks.
We’ve Got you Covered
At Union Community Bank we take your security seriously and we work with you to make sure that you have the tools available to keep your information safe. If you are still concerned about your cybersecurity, contact a Union Community Bank Trusted Advisor today to learn more about the ways we keep your banking secure.