Ransomware, a type of malware that denies access to a computer or its data, is the number one security concern for individuals and organizations. It connects to a server to activate, and then begins encrypting data from the infected computer and sends it to the server. Once all the files are encrypted, it displays a message on the computer asking for payment to decrypt the files.

  • In 2015 victims of ransomware paid out about $24 million to thieves. In 2016 that figure jumped to around $1 billion.
    • Victims are commonly threatened with the destruction of all their data or, in the case of sensitive financial or embarrassing personal information, publication. It may seem as though victims don’t have a choice. However, refusing to pay and reporting the crime is the only way to fight back
  • In 2015 there were an estimated 1,000 reported ransom attacks per day. In 2016 the daily number of reported attacks jumped to 4,000. Reported attacks are estimated to be about 25% of all attacks.
    • Prevention starts with good security. Always have protected back-ups; update software regularly with vendor patches; install the best anti-virus/anti-malware software you can afford; perform regular scans.
  • Ransomware is frequently hidden in email message attachments (phishing) and fraudulent websites featuring clickable ads (malvertising).
    • Thieves frequently present as government, law enforcement, banks or loan companies. Learn about the different types of ransomware currently in use, how they work and how they can be thwarted.
  • Ransomware-as-a-service  is now available to Cybercriminal through the black market. Criminals can get the technology for free and give developers a cut of their earnings.
    • A ransomware attack could simply be a distraction to keep your staff busy while the attack surreptitiously copies data from your network.
  • The University of Calgary transferred 20,000 Canadian dollars-worth of bitcoins ($15,780; £10,840) after it was unable to unwind damage caused by an attack of ransomware attack of ransomware.
    • Offer ransomware training to all employees; create a plan for dealing with suspicious emails or websites; develop strong access control policies; manage the use of privileged accounts closely.