Ransomware Incident Responses & How Ransomware Works

You hurry into the office one morning, anxious to wrap up a big (and sensitive) project for a top account. As your desktop hums to life you open the company shared drive and speed through the folders, hunting for that one key file. Suddenly a strange window pops up, assaulting your eyes with a bright-red “WARNING!” alert as a timer starts ominously counting down. A menacing message comes into focus: “Your personal files are encrypted.”

It’s a scene that’s getting played out more and more often in organizations both big and small, thanks to a recent surge of ransomware hacks across sectors like healthcare, finance, and tech. Fuelled by increasingly sophisticated tactics, these attacks have become both more frequent and more damaging over the past few years, exacting a high cost from victims and putting the rest of us on the defensive.

With ransomware fast emerging as one of today’s most serious cyber security trends, enterprises are looking for strategies for ransomware incident response.

How Does Ransomware Work?

Ransomware describes a class of malicious software that prevents a user or company from accessing their data until they make a payment to the attacker. These breaches usually succeed by getting victims to mistakenly install a malevolent application, sometimes disguised as a free software giveaway or a misleading email attachment. Often social engineering comes into play, with hackers titling attachments as “invoices” or other standard business documents which employees feel obliged to open. Since the rise of companies that work towards ransomware incident responses, other schemes trick users into clicking poisoned links such as malicious ads.

Once compromised, your device will display a window with instructions on how to regain access, along with a payment deadline. Miss the deadline and the ransom can double or even triple in size, swelling from an average starting price of $300 to upwards of $1000 or higher.

Where Did Ransomware Come From?

This coercive strain of malware first surfaced in a big way about 10 years ago in Eastern Europe when ransom attacks were less advanced. These early ransomware outbreaks worked by simply locking down a keyboard or computer, in some cases freezing the screen with embarrassing adult images. Hackers often limited their attacks to individuals and personal devices, and collected ransoms via SMS messages or prepaid debit cards.

The Evolution of Ransomware

While there are some tech companies that can utilize effect ransomware incident responses, in recent years, however, the evolution of new technologies has enabled criminals to up the ante. Payments are now demanded in virtual currencies like Bitcoin, making financial transactions more anonymous and harder to trace.

Today’s ransom attacks go straight for the data by fully encrypting your files, with only the hackers in possession of the decryption key. It’s a tactic that’s been described as stealing someone’s valuables and locking them in a safe…then making them pay to get the combination!

The Prevalence of Ransomware Attacks

With new methods of attack, ransomware tactics are now more profitable for cyber criminals and have boosted the appeal of using this type of malware to defraud others. In fact, variations of ransom schemes have become so pervasive that over 50 new ransomware families were identified in just the first five months of 2016.

Analysts argue that these techniques owe their popularity to their effectiveness at extracting money from victims, with cyber security firm Datto estimating that at least 2/3 of all companies hit by ransomware will ultimately pay up.  Why? Because victims often feel they have no choice.

The Right Ransomware Incident Response For Your Company

Preventing ransomware attacks and data breaches should be a regular part of your network and system maintenance. At NIC, we can help you discover the best strategies to prevent a breach, backup all important files, and aid you in monitoring your system 24/7. Partner with us for the protection of your data.

Providing solutions to fit your organization’s IT needs

IT Partner