Ransomware Attack – What is it?

Ransomware is a form of malicious software that encrypts a targeted victim’s files. Once the attacker has access to the victim’s data, they will demand a ransom from the victim to restore access upon payment.

How do they get access to the data?

There are numerous ways ransomware can take to access a victim’s computer, with the most common way being through phishing spam e-mails. These e-mails often include attachments, masquerading as a file that can be trusted. If the victim downloads and opens the attachment, the attacker can take over the victim’s computer, especially if they have built-in tools that tricks the victims into allowing administrative access.

What happens once they get access?

Once the attacker has access to the victim’s computer, there are several things the malicious software might do but one of the most common things is to partially or fully encrypt the files and private data. This encryption can only be decrypted with a mathematical key which only the attacker has knowledge of – so the victim will be presented with a message explaining that they have been hacked and that the only way to get their files decrypted is for them to send payment to the attacker, often in the form of untraceable bitcoins.

How to Prevent this from happening?

Having good security practices in general can help prevent ransomware attacks and these are some of the steps that can be taken:

  • Keeping operating systems up to date to minimise vulnerabilities
  • Do not install unknown software, or give admin access unless you know exactly what it is you’re giving access to, and what it does
  • Install antivirus and white-listing software
  • Regular Back Ups

If you need help to take any of these steps, or if you would like more information on ransomware attacks and how to prevent them, please feel free to contact us!

Our social media pages can also be found on our website: www.cse.agency