Home > Ransomware
Threats & Vulnerabilities


Threats & Vulnerabilities

Ransomware has made headlines in recent years, and for good reason. Each year, ransomware is becoming more expensive to resolve. Recently, ransomware has trended towards attacking companies, municipal and state governments, and other organizations. However, individual users are still at risk. 

What is Ransomware?
Ransomware refers to a type of malware that encrypts (meaning, makes indecipherable) files or hard drive discs on a computer or server and demands a ransom be paid in order to receive the key that would decrypt those files. There are a number of different kinds of ransomware, and each one has its own method of locking up files and denying access.

Some types of ransomware attacks use deception and social engineering, relying on a victim to click on a link or attachment in a phishing email. Other, more sophisticated strains of ransomware (the kind more likely to go after a big organization) may take advantage of vulnerabilities in software and protocol misconfigurations in order to bypass security and spread infection. Very often, the bad actors behind the ransomware will combine different kinds of malware to deliver the ransomware or make the problem worse for the victim. Some types of ransomware even behave like malware worms, autonomously spreading itself and infecting all devices on an interconnected network.

For individuals there are a number of steps you can take before, and after, an attack occurs:

Businesses, organizations, and government entities can also take steps to protect themselves against ransomware. Every organization’s structure is different and can vary in function and complexity. Some solutions will work for some organizations, but be ineffective for others. The following are some steps that organizations can consider, but ultimately an assessment of their needs should direct the appropriate security actions to be taken:

There is also insurance available that covers cyber incidents that may also have plans for ransomware attacks. These policies can expand the number of options that an organization may have with regards to dealing with ransomware. While these policies may add some assurance that a company or organization can more quickly recover, keep in mind the risks associated with paying hackers the money they’re asking for. Even if you decide to use the insurance to pay the ransom, there’s no guarantee that you’ll get the decryption key.