Ransomware: How hackers hold data hostage

Crime has changed with the Internet age. Although physical theft is still a problem, the introduction of computer systems into the workplace has brought about a generation of criminals who use code to steal rather than a gun. Perhaps the epitome of this trend is ransomware, a specific piece of malware that encrypts a victim’s files until the user pays the hacker a ransom.

Ransomware attacks have been steadily increasing recently, with more businesses than ever being forced into a corner by cybercriminals. What does the current ransomware landscape look like, and how can companies protect themselves from this ever-growing threat?

The online underworld has taken a shine to ransomware. This popularity has a lot to do with just how simple and effective a ransomware campaign can be. All it takes is for the user to open the wrong attachment on a bogus email, and the malware takes it from there. What’s more, these kinds of attacks are extremely effective. Victims generally panic, sometimes scared by phony messages from the FBI or CIA about having to pay a fine, and will often enforce this malicious behavior by paying the criminal.

In fact, a November 2015 McAfee Labs Threats Report found that hackers are throwing their full weight behind these campaigns. The study discovered that total ransomware more than doubled between the fourth quarter of 2014 and the third quarter of 2015, eventually resting at a whopping 5 million observations.

Forbes contributor Thomas Fox-Brewster noted the example of Locky, a specific type of ransomware that is compromising around 90,000 devices per day. It’s a strong and effective piece of malware and shows just how troublesome these kinds of attacks are.

Although a ransomware attack is pretty straightforward, hackers are constantly innovating their techniques to make a fast buck. One of the ways they’re doing this is by branching out in terms of what systems they attempt to infect. Cybercriminals are going for less of a “spray and pray” method and more of a targeted approach, going after CEOs and CFOs. The logic here is that the important people in a company have important data on their computers and as such would be more willing to fork over a ransom.


Another trend: Hackers are also beginning to target entire servers rather than specific computers. This was recently proven to be a solid tactic after cybercriminals held Hollywood Presbyterian Medical Center’s data hostage, eventually forcing the health care facility to pay $17,000 in untraceable bitcoins. Hackers using ransomware often ask for bitcoins because they’re so hard to trace.

Ransomware may be a frightening concept, but it can be beaten if a business takes the right preventive steps. These steps include three key areas of focus: technology, processes and people.

Technology is already the backbone of your organization, so it makes sense that you’d need to invest in it if you want to prevent a ransomware attack. There are a lot of tools that detect infections before they become a problem, but what you’ll really want to focus on is backup software. The practical uses of backing up your most important data are nearly endless, but it also has the added bonus of mitigating the risks of a ransomware attack. If you have your mission-critical information backed up somewhere, you can simply ignore the hackers’ demands of payment to unlock your files.

Next is processes, and this is one that the boardroom is going to need to take a specific interest in. Executives often ask questions like “Are we backing data up?” This kind of inquiry doesn’t really mean anything, as it doesn’t tell you the specifics behind your company’s contingency plan. You should be asking where the data is or how far back the records go in order to have a full understanding of where your organization is at.

Last, and most importantly, businesses need to invest in education for their workers. Despite the fact that they keep operations running, the people at your company are the weakest link in your cybersecurity chain. You need to train them to be able to spot what a fishy email looks like and how to avoid clicking on suspicious links. Your company is only as safe as you want it to be, so make sure to train your employees to recognize the dangers of cyberattacks.