What Is Ransomware?

by

December 11, 2019

Ransomware is a cyber attack on your system where hackers gain access—usually through an infected email or website—then lock you systems down and demand a ransom. And it’s big business. In fact, according to Statista, 308 million ransomware attacks occurred globally in 2020, and the percentage of global businesses victimized by ransomware has risen to 68.5 percent.

How Does Ransomware Work?

Ransomware is a malware attack that is uploaded to your computer by clicking an infected email or visiting infected sites on your computer. Once infected with the hostage virus, a computer cannot be used until the infection is scrubbed or the “ransom” is paid. Files are encrypted by the virus and cannot be accessed, or, in some cases, a user’s screen is locked on the “ransom” note. All of your data has been locked and the only way to release a file that has been infected with ransomware is to unlock a key to unencrypt the files, usually by paying the ransom.

Ransomware is a disturbing and frightening malware that, because of its encryption of all your company’s data, can have implications that last long after the virus has been scrubbed. The disruption to your company’s systems can be devastating. Not only will ransomware block users from accessing important data, it can wipe some data from the system permanently, result in lost income from unplanned downtime, affect emails, disrupt billing cycles, and more. It can take days, weeks or even months to clean up the mess after a ransomware attack.

Because it’s expected that companies and businesses have security in place that will stop these types of cybercrimes, once the public hears that a company has been infected with a ransomware its confidence in that business will plummet.

Ransomware Attacks Are Escalating

Ransomware is no longer a low grade threat hitting only corporations. It’s now bleeding into areas that threaten supply chains and national security. In 2020, the Colonial Pipeline attack throttled the flow of gas to the Eastern seaboard—not because the pipes were clogged, but because their computer systems were. Without a way to clock payment or record deliveries, the company was thrown into chaos, and customers all over the country had to endure shortages and gas price spies. The threat was serious enough to garner action from President Joe Biden, who issued a cybersecurity directive to government agencies, who will be shoring up their defenses and soon issuing new guidelines to corporations to shore up theirs.

A 2021 attack on the SaaS company Kaseya was one of the boldest yet by ransomware gangs, infecting a system that, in most companies, IT administrators use to control their networks. The particularly nasty attack affected 1,500 companies at once, and they demanded $70 milion dollars to release the key.

Ransomware: Not a New Threat

With all the recent focus on cyberattacks, you might think cybercrime is a relatively new trend. The reality is a bit more sobering: while cybercriminals continue to evolve and up the game, cybercrime has been around for decades.

The first known ransomware attack hit the healthcare industry in 1989 when Joseph Popp, PhD, sent over 20000 infected floppy discs to 90 countries across the globe. The malware wasn’t immediately apparent; the infected computers had to be turned on 90 times before the ransomware message was displayed. Payment of $189 was demanded to release the networks, along with a demand for an additional $378 for a “software lease.” The payment was to be mailed to “PC Cyborg” in Panama.

Joseph Popp was an AIDS researcher who targeted other Aids researchers with his attack. He cleverly hid the virus in discs titled “AIDS Information: Introductory Diskettes” and handed them out to the attendees of the World Health Organization’s AIDS Conference.

This ransomware attack became known as the AIDS Trojan, or the PC Cyborg virus. It was a very basic virus and, while it affected many networks, the files were easily decrypted without paying the ransom.

Over time, ransomware has evolved. Many notable ransomware attacks have targeted big, established companies, banks, healthcare organizations and even governments from the mid 2000’s to the present day.

No matter the size or vertical, all businesses are at risk for a ransomware attack.

Learn everything you need to know about ransomware here.

As of 2020, 1,500 businesses a day are hit by Ransomware.

There are several different types of ransomware, but the most common are:

  • Scareware: This is usually a pop-up form of ransomware. It warns the user that their computer is infected and suggests running a PC scan immediately. Once the user clicks the button to run the “scan,” the virus is introduced into the device and networks.
  • Doxware: Doxware hijacks sensitive data, with the actors threatening to release it publicly unless payment is made.
  • Mobile Devices: A user’s mobile device is locked down, usually by downloading a malicious app, and payment must be made to release the functionality of the device.
  • Lockers: When your network is infected by a locker, all users are locked out of the ability to access their devices.
  • Crypto Malware: Crypto malware affects your files and data, encrypting it and offering a decryption key in exchange for payment.

Do you want to learn more about malware? Check out our in-depth Ultimate Malware guide and learn more about the threats to your network.

Integris Can Help Protect You From Ransomware

No one expects their network to become infected from ransomware, so it’s possible your cybersecurity strategy isn’t up to the task of blocking it. Your business deserves the best protections, fueled by artificial intelligence and backed by a dedicated team known as a Security Operations Center. Find out how our cutting-edge cybersecurity platform, Iconic Fortify, will protect you from all threats, including ransomware.  Contact us for a free, no obligation consultation and put Integris in your corner. Our comprehensive cybersecurity services are affordable and scalabele for organizations of all sizes.

Not ready to chat? Check your cybersecurity strategies on your own with our free Do-It-Yourself Cybersecurity Audit Checklist and see where you stand.

[sc name=”blog-cta-cybersecurity”]

We're Integris. We're always working to empower people through technology.

Keep reading

4 Cybersecurity Takeaways from China’s Largest Data Breach

4 Cybersecurity Takeaways from China’s Largest Data Breach

Cybersecurity drama strikes again as human error leads to China's biggest data breach and perhaps the most significant hack of personal information in history. According to Threat Post, the incident was triggered after a Chinese government software developer wrote a...

Social Engineering Hacks—Are They a Bigger Threat than Ransomware?

Social Engineering Hacks—Are They a Bigger Threat than Ransomware?

We're making a dent in hacking. Cybersecurity tools are better, and employee security training is better too. The emergence of the cloud means that hacker delights like uninstalled security patches happen far less. Now that most companies are backing up and operating...

The Business Impact of the AGCO Ransomware Attack

The Business Impact of the AGCO Ransomware Attack

On May 6, 2022, global agricultural equipment manufacturer and distributor AGCO announced they were victims of a ransomware attack. The cyber assault hit some of their production facilities on May 5. Restoring operations to normal will take several or more days. While...