Not every entrepreneur is aware of his responsibility when it comes to data security. We receive news in media reporting about ransomware attacks every day.
What is ransomware?
Ransomware is malicious software that locks your computer and encrypts data so that you can no longer access your data. “Ransom” comes from the English language and means “ransom” in German. As soon as the malware is active, the perpetrators get in touch and make ransom demands. Experts sometimes also refer to this as an encryption Trojan, since data can no longer be read by users. The perpetrators blackmail the victims by making it clear that the locked data will not be released until a ransom payment is made. These cybercriminals thus play on people’s fear and enrich themselves at their expense.
Different variants of ransomware.
There are two different variants of ransomware.
- Screenlocker – These lock the screen or the whole PC.
- File encrypters encrypt the data on the computer and take data (text files, important folders,…) into hostage.
In the meantime, attacks with screenlocker have become rare. Instead, encryption programs are increasingly used, which completely encrypt the data.
How can I capture possible ransomware?
The spread hardly differs from other malware. This software often gets on your computer via manipulated websites, spam emails or social networks. In addition, faked e-mails are sent with alleged reminders, invoices, etc., which are not recognized as fake by many users in time and are therefore opened. Behind this, is a file that does not contain any information but a malicious code that spreads to their computers.
How do you know you are affected by a ransomware attack?
Normally, the screen blocks or an extortion letter appears that can not be closed. However, there are also variants that remain undetected over a long period of time and spread during this time. The effects will then occur later and users can no longer remember when and where they captured the trojan.
How can you protect yourself from ransomware?
- Updates: Update your operating system continuously. Also, make sure that any software that has been installed is also updated.
- Browser: Update your browser and enable browser protection that will protect you from infected scripts and possible malicious file download.
- Protection measures: Rely on a firewall, e.g. Sophos, which detects and blocks malware. Furthermore, Endpoint Protection detects malware such as Trojans and isolates them completely.
- Training: remember to train your employees so that they react correctly and know what needs to be observed. Especially in this day and age with increased home office operations, you need to make sure that employees act correctly. Especially since private computers most likely do not have the same security standards implemented as in the company. This can be, for example, missing updates or bypassed security mechanisms, because they are annoying, the notebook works slower as a result, etc.
- User account: Make sure that the administrator account is really reserved for IT technicians. User accounts have fewer rights. In the event of a ransomware attack, the malware can therefore not penetrate as deeply into the system and, ideally, cause no damage at all.
- Backup and risk analysis: Make regular backups of your data so that you can fall back on them in an emergency. Perform a risk assessment by asking yourself the following 4 questions:
1. if a cyberattack occurs, what impact will it have on my business model?
2. how long can the company survive if suddenly nothing works at all?
3. what costs will we incur if the plant is shut down?
4. are there backups that can be used in a new environment to restore data?
Schindler IT-Solutions stands for data security and has been committed to this for more than 20 years. From security solutions and training for managers and employees to the DSGVO and the easyGDPR software developed in-house, the topic of data security is covered. Since 2020, the know-how has also been incorporated into the WKO’s Cybersecurity Hotline .