What is ransomware?

SecurityCategory
7 min read
Will Stevens

Ransomware has the habit of making big headlines, as anyone who remembers the NHS crisis of 2017 will know.

But what is ransomware? What threat does it pose to you and your small business? And how can small businesses protect themselves against ransomware?

This guide to ransomware will answer all these questions.

So…

What is ransomware?

Ransomware is a form of malware which encrypts your device’s files so you can’t use them, the people behind the attack then demand money to unlock your files.

In other words, ransomware is malicious software that holds you to ransom.

(You can learn what malware is in this guide.)

Ransomware outbreaks like the one that hit the NHS in 2017 can be particularly devastating as the software that is used to launch the attack can be designed to replicate itself across multiple computers.

It can achieve this by sending a copy of itself to everyone in an infected user’s email address book, or by using the network connections that exist to allow different devices to access files and data stored in a central location.

That means just one person letting their guard down can start a major ransomware infection.

But obviously nobody opens themselves up to ransomware deliberately, so how do these attacks sneak through?

How do ransomware attacks spread?

If you get an email with the subject line “Ransomware attached” and an attachment called ransomware.doc, then you’re going to delete it straightaway.

But what if you get an email that says “Urgent: unpaid invoice” and the attachment appears to be a real invoice. It might even be that the email seems to have been sent by someone you work with.

Isn’t it tempting to download and open that invoice to see what’s in there? What if you really do need to make an urgent payment to keep a contractor happy?

This is how ransomware spreads.

When you open the apparent invoice, you are in fact opening a file that runs the ransomware programme on your device.

Your data will be encrypted, your device will probably become completely unusable and, to make matters worse, you’ll likely have sent the same file to numerous other people.

Of course, it doesn’t have to be a fake invoice that hides the virus, nor does it have to be spread via email – this is just one example of how it could be done.

Tricking people into opening files containing malware is a big part of a hacker’s toolkit.

It’s tempting to think that you’d never fall for such a trick, but hackers are actually counting on you to be overconfident when it comes to your ability to spot this kind of email, as that means you’ll let your guard down.

So that’s the basics of how ransomware works and spreads, so what sort of damage can it do to a small business?

The cost of ransomware for small businesses

There’s no doubt that ransomware can cost organizations big – the 2017 attack cost the NHS £92 million and led to 19,000 cancelled appointments.

It may be tempting to think “well, if cybercriminals can get £92 million from the NHS why would they bother with my business?”.

But of course they didn’t get £92 million from the NHS – that sum is the amount it cost the NHS to deal with the disruption caused by the attack.

Attacks on small businesses are of a smaller scale, but the consequences can be devastating.

The Middle East region, saw a growing number of attacks in the six months leading to March in 2019, according to DarkMatter, a cybersecurity firm based in the UAE.

Could your business handle that big a blow to its bottom line?

And then of course there’s the after effects of a ransomware attack – there’s no guarantee you’ll be able to retrieve your encrypted data.

Just picture it your customer details, invoicing records, email marketing list all gone – forever.

And don’t think you’ll be overlooked just because you’re small – research by GoDaddy shows that 58% of companies targeted by malware are small businesses.

Cybercriminals target businesses like yours because they consider you a potential easy target.

So make sure you prove them wrong.

How can small businesses protect themselves against ransomware attacks?

There are a few things you can do to reduce the chances of falling victim to a ransomware attack, namely:

  1. Use the best antivirus software you can
  2. Be wary of unexpected emails
  3. Be careful what you download
  4. Backup everything
  5. Update everything
  6. Use strong, unique passwords everywhere

Let’s take a look at each point in turn.

1. Use the best antivirus software you can

If you’re not using antivirus software, then you’re basically inviting a cyberattack. Free antivirus software is better than nothing, but if you can go for a paid package, one that scans downloaded files before you open them.

And make sure you keep the software up to date. (More on that later.)

You should also make sure you protect your website as cybercriminals are able to attack it directly, without having to compromise your computer first.

So use a product like GoDaddy Website Security. Think of it as antivirus software for your website.

2. Be wary of unexpected emails

We all forget things sometimes, and that includes paying invoices. But that doesn’t mean we should act on every email as soon as it lands in our inbox.

If someone has sent you a file you weren’t expecting then check with them that they actually sent it, either by emailing them or, better still, speaking to them on the phone or in person.

A quick check like that can save you from a ransomware nightmare.

3. Be careful what you download

Of course ransomware can be hidden in places other than email attachments. So make sure any files you download come from a legitimate source.

Be especially wary of downloads promising you something for nothing – such as a free piece of (usually expensive) software – as cybercrimnals often try to exploit our sense of greed.

Scanning every file you download with your antivirus programme is a must, but it’s not a guarantee you’ll stay 100% safe.

4. Backup everything

Because there’s no way to be 100% safe from cybercriminal, even if you’ve taken every precaution it pays to backup all data relating to your business.

Why? Well, in the case of ransomware the aim of the hacker is to convince you to pay to gain access to crucial data.

If you have access to another copy of that crucial data, then the attack has been defeated before it has happened.

Make sure you backup exists separately from your main device – for example on an external hard drive, or on the cloud (or, even better, both).

Also make sure that sensitive data is password protected and encrypted (for both the original data and your backups).

You should backup regularly, and test your backups to make sure they’ll work if you need them.

5. Update everything regularly

A common theme in successful cyberattacks, including ransomware attacks, is out of date software.

Software updates often address new security issues that have been found, so if you don’t install them you’re leaving the door open to cyberattackers.

So make sure you update software across all your devices on a regular basis. You’ll also need to update software relating to your website if you’re using a content management system such as WordPress.

You should also update your antivirus software as these updates are the only way to detect and stop new cyberattacks.

6. Use strong, unique passwords everywhere

In some ways, this last step is the most important? Why? Well, if your passwords are easily guessed then the chances are a cybercriminal will be able to do damage no matter the precautions you have taken.

So use a strong, unique password for every account.

Summing up

A successful ransomware attack can be devastating for a small business. But if you take steps to protect yourself and regularly backup your data, then you have no reason to fear this kind of cyberattack.

Products Used