What is ransomware?
Learn more about ransomware, how it works, and how you can protect yourself and your business from this type of cyberattack.
Unfortunately, nearly anyone with an online presence can become the victim of a ransomware attack. Personal devices and enterprise networks are both frequent targets of cybercriminals.
Investing in proactive solutions, however, like threat-protection services, is a viable way to prevent ransomware from ever infecting your network or devices. Therefore, individuals and organizations with antimalware programs and other security protocols in place, such as a Zero Trust model, before an attack occurs are the least likely to become victims of a ransomware attack.
Traditional ransomware attacks occur when an individual is tricked into engaging with malicious content, such as opening an infected email or visiting a harmful website, which installs ransomware on their device.
In a human-operated ransomware attack, a group of attackers target and breach an organization’s sensitive data, usually through stolen credentials.
Typically, for both social-engineered ransomware and human-operated ransomware, a victim or organization will be presented with a ransom note that details the data that was stolen and the cost of having it returned. Paying the ransom, however, does not guarantee that the data will actually be returned or that future breaches will be prevented.
The effects of a ransomware attack can be devastating. At both the individual and organizational levels, victims could feel forced to pay high ransoms with no guarantee that their data will be returned to them or that further attacks wouldn’t occur. If a cybercriminal leaks an organization’s sensitive information, its reputation could be tarnished and seen as untrustworthy. And, depending on the type of information leaked and size of the organization, thousands of individuals could be at risk of becoming victims of identity theft or other cybercrimes.
Cybercriminals who infect victims’ devices with ransomware want money. They tend to set ransoms in cryptocurrencies because of their anonymous and untraceable nature. In a social-engineered ransomware attack targeting an individual, the ransom may be hundreds or thousands of dollars. In a human-operated ransomware attack targeting an organization, the ransom could be millions of dollars. These more sophisticated attacks against organizations may use confidential financial information that the cybercriminals found when breaching the network as grounds for setting a ransom that they believe the organization can afford.
Victims should report ransomware attacks to their local or federal law enforcement agencies. In the United States, these are your FBI local field office, the IC3, or the Secret Service. Security experts and law enforcement officials recommend that victims do not pay ransoms—if you’ve already paid, immediately contact your bank and local authorities. Your bank may be able to block the payment if you paid with a credit card.