It can happen at any time...you get that phone call that your corporate servers are locked up. No one can log in and all of your data has been hijacked. A mysterious message appears on the server screen stating that for some price, you can regain access to your servers and data. WHAT IS HAPPENING? It’s called ransomware, and it is a growing concern among corporate and personal cybersecurity practitioners.
What is ransomware?
It is a special type of virus that infects your machine and encrypts all of the data with an encryption key that only the attacker has. The hackers expect you to pay a ransom to get your data back. So what is the main objective of these hackers? If you think it’s to steal your data, you’d be wrong. They only care about financial gain by getting you or your organization to pay that ransom to get access to the data back.
There was a 229% increase in ransomware attacks from 2017 to 2018, causing several million dollars in damages.
Why this dramatic increase?
The attackers are successful, making the attackers money. People and organizations store valuable data on their systems – data with financial, sentimental, and even reputational value. Many people and organizations make the mistake of thinking there is nothing that hackers would want, but what the hackers want is you to be afraid to lose the data or have the data made public. Do you have photos on your system that you don’t have copies of elsewhere? Do you store data that you don’t want people to know, items that could cause career or personal ruin? Then you would be a perfect target.
What do you do when it happens?
Local authorities will not be able to assist you, and most professionals will recommend that you simply pay the ransom to uncorrupt your files. It most cases it ends up being better to pay the ransom than lose your data or have that data leak to the public. Chances are you’re going to have to pay up in either Bitcoin or via an international wire (because neither of these are trackable!).
How do I protect myself?
The best stance is to be proactive and to avoid becoming a victim in the first place.
- The first precaution you should take is to eliminate their bargaining power – back up all of your irreplaceable files on an external hard drive! Schedule daily backups to the drive and then shut down your machine overnight. It should be mentioned that solely using cloud storage as backup is not recommended – most of the time, the virus can spread into the cloud as well, corrupting the data there.
- Another precaution is to consistently install software updates and patches to keep your machine up-to-date and secure.
Getting out in front of the attackers will keep you safe from ransomware.
To learn more about how UNCW prepares students for careers in cybersecurity, visit the UNCW Center for Cyber Defense Education's website.