What is ransomware and why is it so bad?
This cyberattack scheme isn’t new, but it has become increasingly common over the past several years. Many of the viruses lurking out there steal data to be used for nefarious purposes. The goal has long been to access important financial and personal data that can be sold off. For example: Credit card numbers that can sold and used to buy things. Social security numbers that can be sold to be used to create fake identities. In the case of many viruses, victims may never even be aware their data has been accessed. Typical malware and spyware tries to go undetected. Not ransomware. Ransomware generally does not access your data to sell off to criminals. Instead, the virus kidnaps your data until you pay ransom.
Ransomware stops you from using your PC, files or programs. It holds your data, software, or entire PC hostage until you pay a ransom to get it back. When an attack occurs, you suddenly have no access to a program or file – A screen appears announcing your files are encrypted and that you need to pay (usually in bitcoins) to regain access. In some cases there may be a nerve wracking clock ticking down to the deadline for the ransom payment. Some versions are so sophisticated they even have mini-call centers to handle your payments and questions.
Ransomware stands out from most viruses in that you really have no option once an attack has been made. You either pay up, or lose the data. The only sure answer is a safe, clean backup. In that case, you are stuck with the nuisance of restoring your data with the backup, but you aren’t out any money. However, this comes with a caveat: your backups have to be clean. The problem with ransomware viruses is that just making backups may not be sufficient to protect your data, as the backups can be infected also. The only answer is to be aware that these viruses are out there and that you have to make careful, specific plans to protect your data. It is important that your backup and disaster recovery plans are designed with a ransomware attack in mind. When it comes to making data security and disaster recovery plans you should consider bringing in experts with a strong background in this field. Lost data is not something any organization can easily recover from.