Ransomware sucks
Prevention is the only viable option
Menu
Menu
Ransomware sucks
Prevention is the only viable option
Each attack is different, but the first step is gaining access to your network or device. There are lots of ways to do it, but it typically isn’t difficult to achieve. Once inside, the objectives are to delete backup files, then encrypt and transfer data. In some cases, attackers will sit in a network for 6 months or more waiting for the best opportunity to strike.
Once your files have been encrypted, you can no longer access them. The only way to recover them is with the encryption key. Think of it as someone having stashed your documents in a vault, and there is no way to retrieve them unless you have the key to it.
Next comes the ransom demand.
Ransom demands range in value from roughly $400 to millions of dollars, depending on the target. Once you receive the demand, you have a choice: To pay, or not to pay.
If they deleted your backup files (or you didn’t have any), then payment is really your only option. Payment is usually required to be made in cryptocurrency so it cannot be tracked.
If you don’t have any cryptocurrency, don’t worry! They will happily walk you through the process of buying some; however, they will probably take you though one of their own websites, and now they have your bank information if they didn’t before.
Unfortunately, 17% of those that paid the ransom still didn’t receive the key.
Ransom demands range in value from roughly $400 to millions of dollars, depending on the target. Once you receive the demand, you have a choice: To pay, or not to pay.
If they deleted your backup files (or you didn’t have any), then payment is really your only option. Payment is usually required to be made in cryptocurrency so it cannot be tracked.
If you don’t have any cryptocurrency, don’t worry! They will happily walk you through the process of buying some; however, they will probably take you though one of their own websites, and now they have your bank information if they didn’t before.
Unfortunately, 17% of those that paid the ransom still didn’t receive the key.
The decision on whether or not to pay a ransomware demand can be a tough one. If you have a backup of your files, you may be able to restore your systems successfully (assuming your have a backup prior to your network being compromised).
Unfortunately, the attackers still have an encrypted copy of your data, and they will resort to strong-arm tactics to ensure they’re able to monetize their efforts. Previously, they would just resort to selling your personal or business information on the dark web. The more unique the information, the higher the value.
Now, however, if you are a business owner, they will stand up a call center, and reach out to your customers to notify them you have been a victim of ransomware. And, oh, by-the-way, if you don’t pay, they will sell your client’s information as well.
Once you’ve become the victim of a ransomware attack, it’s a lose-lose-lose situation. On a really bad day, you pay the ransom, you don’t receive the key, the thieves still sell your information, and they notify your clients.
The only way to combat ransomware is to prevent it in the first place, and to do that, you must create a secure environment around your network and/or devices.
By combining next generation anti-virus software (like Cortex XDR) with a Virtual Private Network (VPN), and Cloud Cybersecurity as a Service, you’re creating an environment where threats like ransomware are detonated in the cloud before they ever reach your device.
Once you’ve become the victim of a ransomware attack, it’s a lose-lose-lose situation. On a really bad day, you pay the ransom, you don’t receive the key, the thieves still sell your information, and they notify your clients.
The only way to combat ransomware is to prevent it in the first place, and to do that, you must create a secure environment around your network and/or devices.
By combining next generation anti-virus software (like Cortex XDR) with a Virtual Private Network (VPN), and Cloud Cybersecurity as a Service, you’re creating an environment where threats like ransomware are detonated in the cloud before they ever reach your device.