Skip to content

Remove Ransomware: What is it and how does it work?

Ransomware Exposed

Ransomware has become an undeniable threat to business growth, profitability and security. It’s a ruthless type of malware that can prevent you from accessing your data until you pay the ransom which is usually demanded in a digital currency such as Bitcoin. It’s also notoriously difficult to remove ransomware from your equipment. Cyber criminals are turning this type of attack into organised crime, earning billions of pounds every year. Many businesses are forced to hand over money in the hope that their data is returned.

How does ransomware infect the computer equipment?

Surprisingly, it’s not USB drives or CDs floating around from unknown sources or hackers penetrating firewalls. Cyber criminals operate much more effectively now and the most common method of ransomware attacks today are emails and websites that have been compromised.

One email click is all it takes.

We’ve all become so used to email as the major form of business communication that getting someone to click a link is easier than ever. Ransomware attacks often come disguised as legitimate emails, these can trick your staff into clicking through to an infected website, or opening an infected attachment. Unfortunately, cyber criminals have gotten impressively good at faking internal emails, external communications from stakeholders, and seemingly genuine inquiries from customers. They’ll often conceal their ransomware in normal attachments like invoices and reports in Office documents, .PDFs and other commonly used files. Even what looks like simple text files can be an executable program in disguise!

Infected websites aren’t always obvious.

Cyber criminals will infect any web page they can get their hands on, which is why the less reputable sites should be avoided. It’s not just about making sure you and your employees stick to suitable sites; mainstream websites can also carry ransomware infections ready to spread to all visitors. In 2016, the New York Times, BBC & MSN accidentally exposed thousands of web visitors when their site showed malicious ads.

What happens during a ransomware attack?

As soon as ransomware has a foot in the door it scans all disks (including servers). It will encrypt anything it finds and, within a few minutes, all files from Office documents to photos are locked. They will be inaccessible to all users – even administrators. Then, a notification appears demanding a ransom to unlock the files and gives helpful instructions on how to pay it. At this point, many businesses are on hold as it is nearly impossible to remove.

How do you remove ransomware?

Typical options include: restoring from safe, external backups; wiping the entire system and starting again; or paying the ransom and learning a hard lesson in data security. Paying the fee is NOT a reliable way to remove ransomware as there is no guarantee that criminals will unlock your data. Ransomware may not be fun, but it certainly makes for an interesting day or two at the office!

While we can’t stop hackers from inventing new ransomware scams, we can complete a data security audit, including providing safe cloud backups. To find out more call us today on 03333 055 055.


Don't miss out on our next article...


If you didn't get this article in your email then simply fill in this form to be sure you don't miss out on the next one.

Blog post signup form
Never shared, never spammed. Unsubscribe any time.

Great Article? Share it with others...
Print page Subscribe

Discussion

No comments yet.

Leave a reply...

Your email address will not be published. Required fields are marked *