Did you know that your computer and the IT systems of any business could be targeted for a virtual hostage situation? Ransomware demands a payment to liberate data from an infected device and is the most well-known form of digital extortion. Fortunately, it is possible to prevent this from happening. Find out how.
Ransomware is malware installed on a device without the user knowing. In a matter of seconds, it can block access to computer files and may even completely paralyze the activities of a business by reaching the company’s network.
Fraud can take two forms:
Once the software is installed a window or page appears explaining that a ransom is required. Payment must be made within a certain amount of time to regain use of the device by obtaining a decryption key (a password to decrypt the files). The payment demanded for ransomware with data exfiltration will prevent the dissemination of stolen and sensitive information.
The amount of the ransom to be paid is established based on the size of the business. The scammer demands payment in untraceable, digital currency, such as cryptocurrency. If the payment is not transferred on time the amount demanded may be increased.
Ransomware finds its way into personal or corporate computing devices in several ways. Here are the most common:
Email is the most common method used by scammers. “About 70-90% of cyberattacks are initiated by human error. And among these, in about 95% of cases, it’s caused by the email used by the scammer,” explains Tony Fachaux, an expert in cybersecurity awareness at National Bank.
To avoid fraud, you must verify that the email you received is legitimate. The sender’s address is the first thing you should check to spot a phishing attempt. Does it look strange? If so, be wary. Another way to spot a phishing attempt is to hover over any links without clicking on them. If they seem fishy, don’t click. You should also be careful when opening attachments. This is often how malware, including ransomware, is installed.
“Is the email worded in a strange way? Is it from someone you know but written in a different way? Does it have spelling errors? These should also give you a clue,” says Fachaux.
If the context of the email seems strange or the message seems very urgent, you should ask yourself some questions. “Official organizations never use a sense of urgency in their communications, to ensure they aren’t taken for scammers,” adds the expert.
Even if you are being vigilant with your inbox, the websites you visit and the applications you may be downloading are not completely immune to ransomware attacks. Here’s how to be even more prepared.
In business, email protection measures can be implemented to prevent a malicious attachment from reaching an employee’s email inbox,” says Fachaux. “Scammers will always find a way in, but the more you block the better.”
Try to avoid using a computer’s administrator profile when not absolutely necessary. An admin can change device settings and has access to everything on the computer. “Malware needs this access in order to be installed and to function properly,” says the expert. “By limiting the kinds of access corporate users have, we limit the viral spread.”
To avoid being infected with malware, consider installing a good antivirus program on all of your devices, including the ones for personal use. Update your software, operating systems and third-party applications regularly to prevent system vulnerabilities. The updates may contain new protections against recently listed attacks.
“Next, put a good backup plan in place,” says Fachaux. “Because an external hard drive attached to the device could also be infected in the attack, make sure you have an up-to-date copy of your files offline. A secure and unaltered backup makes it possible to recover your data without having to respond to a demand for ransom. It is not advisable to pay a ransom. “The more cybercrime is encouraged, the more attacks there will be,” adds the expert.
First of all, stay calm. The first thing to do is cut the infected device’s access to the internet and the network. “If connected, the virus can spread and cascade encrypt all the company computers, servers and then cripple the computer system,” says Fachaux. “If the right protections are not in place, the malware could even affect cloud services. When an attack strikes at work, seek support from the IT team quickly. Some ransomware is becoming known in the security world,” adds the expert. “There may be tools that can decipher certain types of malware but in general, everything is regulated so that there are no alternatives but to pay the ransom.”
“Using your backups to recover encrypted information is the best solution to avoid paying ransom. Since many companies are not protected against these kinds of attacks, they have no choice but to pay,” explains Fachaux. “Besides, paying the ransom doesn’t guarantee the security of your data. You have nothing to assure that the criminals will be honest. You risk losing both your money and your files, which is whypaying them should be the last resort. To avoid being faced with this kind of decision, protect yourself beforehand by focusing on vigilance and data backups.”
Eliminate all traces of malware by completely reinstalling the device’s operating system or corporate IT infrastructure. Then start from scratch by recovering your files from a safe backup. IT security specialists or an incident response expert can help you get back on track after a cyberattack.
You can never be too careful, so changing your passwords is a good idea. To avoid the worst, protect yourself from ransomware attacks, especially if you have sensitive information that scammers want to retrieve at all costs.
Several measures exist to protect you from fraud.
Any reproduction, in whole or in part, is strictly prohibited without the prior written consent of National Bank of Canada.
The articles and information on this website are protected by the copyright laws in effect in Canada or other countries, as applicable. The copyrights on the articles and information belong to the National Bank of Canada or other persons. Any reproduction, redistribution, electronic communication, including indirectly via a hyperlink, in whole or in part, of these articles and information and any other use thereof that is not explicitly authorized is prohibited without the prior written consent of the copyright owner.
The contents of this website must not be interpreted, considered or used as if it were financial, legal, fiscal, or other advice. National Bank and its partners in contents will not be liable for any damages that you may incur from such use.
This article is provided by National Bank, its subsidiaries and group entities for information purposes only, and creates no legal or contractual obligation for National Bank, its subsidiaries and group entities. The details of this service offering and the conditions herein are subject to change.
The hyperlinks in this article may redirect to external websites not administered by National Bank. The Bank cannot be held liable for the content of external websites or any damages caused by their use.
Views expressed in this article are those of the person being interviewed. They do not necessarily reflect the opinions of National Bank or its subsidiaries. For financial or business advice, please consult your National Bank advisor, financial planner or an industry professional (e.g., accountant, tax specialist or lawyer).