The short answer? Yes – yes you do.
It’s all over the headlines. Major corporations fall prey to malicious actors. Local governments find themselves debilitated by the threat of a data breach. But as the devastating effects of ransomware splash across front pages and top trending lists, it’s easy to think of these cyberattacks as a large, organizational concern rather than an individual one.
Easy – but wrong.
Ransomware is a specific type of malware that uses encryption to hold an organization’s – or a person’s – sensitive information captive in return for payment. Often coupled with the threat of publicly releasing that information, ransomware can wipe out your data, privacy, and bank accounts in one fell swoop. While wealthy companies are a popular target for cybercriminals who use ransomware, you personally are absolutely at risk as well.
Terrifying, no? So, what can you do about it?
First, understand how ransomware works.
There are several ways ransomware can get into your system. Most commonly, the malware is attached to a spam email which the user mistakenly downloads onto the device themselves. This is called phishing. Other avenues of entry include social engineering, false advertisements or “malvertising,” drive-by downloading (in which the malware is automatically installed from, say, visiting a sketchy website), and more.
Once installed, the ransomware infects your entire network, including applications, documents, saved passwords, and browser history. The software encrypts all that data and establishes a mathematical decryption key, effectively locking you out of either individual docs or even the device itself. If your personal device is connected to a larger network, the infection could easily spread.
Now, learn to recognize unsafe sites and messages.
Hackers have gotten more sophisticated with their messaging. Staving off ransomware and other cybersecurity attacks requires constant vigilance and a discerning eye. Resources on how to spot a phishing email, avoid social engineering, and recognize untrustworthy materials can be found on the EMPIST blog for your reference.
Popular ransomware providers include Cryptolocker, Cerber, Bad Rabbit, REvil, Locky, Ryuk, Petya, and WannaCry.
Then, establish strong security protocols.
Backing up your data, securing your network, installing adblockers, using anti-virus software, and regularly testing to see if your security system works can all help ward off ransomware. Keeping software up to date can also protect you in the case of an attack. If your device is connected to others via your employer, touch base with them to determine what security protocols they have in place. Again, if your system is compromised, all related data could be compromised as well.
Know what to do in the event of an attack.
So, you clicked on the wrong email – what do you do now? Try not to panic; there are steps that you can take to soften the blow.
First, examine the ransom note that has appeared on your screen. Be sure to make records of the wording and layout – someone may have seen this exact ransomware before! Next, disconnect your device from the network. If you’ve caught it early enough, it’s possible that the malware hasn’t yet discovered all of your backups. If this is a connected device, disconnecting may also help save other information. Make sure to secure your backups, if you have them, in the process.
Finally, weigh your options. You can: try to remove the malware, reset your device and start from scratch if you can, or pay the ransom. Paying the ransom should only be considered after all other options have been exhausted, if ever. There’s a good chance you won’t get your data or your machine back to a safe, usable state even after payment. The EMPIST team does not recommend paying ransoms. Finally, alert the proper authorities to the attack. While they might not be able to return your data, the more information we have on each attack can help prevent the next one.
Say it with us: the best defense is a good offense.
Ransomware is a serious threat to both your business and your data. The best solution we have is to be proactive in our protection, rather than reactive. It’s on every one of us to ensure our security protocols are up to the task. If you’re concerned about your cybersecurity, EMPIST has the tools and expertise needed to help. From testing to data recovery, our team can ease your professional and personal concerns about ransomware.