Taking human hostages and exchanging them for money is a messy and very risky business. More often than not the kidnappers end up dead rather than rich. The same cannot be said for taking hostage data on your computer and releasing it for tidy payment. Your valuable data is usually not even taken from your computer – too much trouble and increased likelihood of detection to transport and store it. It is simply encrypted and the key will be only provided after the payment was made. Ransomware has become a multi-billion, yes we are talking billions, industry. Just one variant, CryptoWall, might have netted over $325 million in one year of its existence.
Who are the victims?
In short, anyone with valuable data is a potential victim. Ransomware attackers don’t discriminate. They have been successful at extorting money from little old ladies who want to see pictures of their grandkids again, hospitals desperate to get access to their patient’s records, and even police departments.
With so many potential victims and very limited risk to the perpetrators, what is there to stop them from escalating this crime further? Are governments going to protect us? Unfortunately even governments are not immune from attacks themselves, and chasing after perpetrators in cyber world is very difficult. Some will be apprehended, but many more might take their place unless we make their cost of doing business higher than the potential rewards.
In this blog series, we'll take a look at how to protect yourself from ransomware. Here are some of the topics we'll cover:
- Threat vectors – What are they and why do you need to know them?
- Protection technologies – How does Deep Machine Learning work? What's Advanced Threat Detection? We cover this here.
- Email – A closer look at the #1 threat vector of your network.
- Web – How can a web site infect your network?
- Network – How can a hacker bypass your defenses and get into your system? This post looks at security holes and potential trouble spots in your infrastructure.
- Applications – What happens when hackers take control of your web site or web application? How can you prevent this? We'll cover that here.
- When defenses fail – So you think you've been hacked. What now?
- Bringing it all together – Deploying a strategy of comprehensive threat protection.
When we're done, you should have what you need to identify and asses your threat vectors and defenses.
For more information on ransomware, visit these resources:
- NoMoreRansom project
- The evolution of ransomware
- Microsoft Malware Protection Center
- Ransomware blog posts