Diamond IT Blog

What you need to know about Ransomware

Written by Samantha Cordell | July 15, 2020

Ransomware is a type of malware that infects and restricts access to a computer system or files until a ransom is paid to unlock it. What is challenging is that most new strains of ransomware are very difficult to prevent because they prey on a person giving permission to activate the malware. Here's what your business needs to know about it.


What makes ransomware such a large cybersecurity risk?

Ransomware poses a real cybersecurity risk to organisations as it renders traditional security methodologies useless by prompting the user of the systems to initiate the malware. Unsuspecting employees can inadvertently give malware 'permission' to encrypt all files they have access to in your network, leaving them useless until a ransom is paid to the cybercriminal.

Ransomware typically infects organisations through malicious email attachments (such as zip files, word docs, pdf's or emails) that are designed to look legitimate and include a link to a site that infects the computer. These emails often appear to be sent from reputable companies such as banks or large retailers, in order to trick the user into opening the attachment. 

 

Image 1: Ransomware example

 

How can I protect myself and my business from Ransomware?

The best way to stay protected against ransomware is to train your employees in cybersecurity awareness, to ensure they know how to identify and respond to cybersecurity threats. In addition to cybersecurity awareness training, we recommend:

  1. Exercising caution when browsing unknown websites and opening attachments from unknown sources.
  2. Not following unsolicited web links in email messages or submitting any information to webpages in links.
  3. Ensuring your operating systems and software, including anti-virus, are up-to-date.
  4. Performing regular backups of all data.
  5. Engaging your IT team or provider to ensure network file permissions are properly maintained. A ransomware attack can only affect files the infected user has write or administrative access to.

 

What should I do if I suspect I have been infected by Ransomware?

Turn off and disconnect the infected PC or laptop from the network, and notify management and your IT provider to action immediately. If caught early, the damage caused by ransomware attacks can be reduced. A Disaster Recovery Plan can minimise the effect a ransomware attack has on your business operations, and strengthen your ability to service your customers during and after the event.

 

How can I restore my files?

Unfortunately, more often than not, the only realistic way to retrieve files targeted in a ransomware attack is to restore from the last successful backup. This is why it is critically important to ensure your IT services provider or internal team are clinically monitoring backups.

 

How can Diamond help?

We can help you ensure your technology, policy and staff education programs align with best practice. Our Business Technology Managers (BTMs) are specialists in improving your internal cybersecurity.


If you need advice on how you can ensure your cybersecurity strategy is fit for purpose, our team of Cybersecurity experts are ready to help. Contact our team on 1300 307 907 today.