Ransomware

This type of attack usually involves malicious software that is used to encrypt or lock data on a company’s computers or servers. The attackers then demand a ransom from the business in order to decrypt the data or provide the key to unlock it.

Who could be targeted?

Businesses of any size can be targeted as long as the attacker believes the business’s information can be held hostage in order to extort money from the business.

Why be aware of this attack?

Ransomware attacks can be very difficult to defend against because they can be triggered by any employee accidentally opening a malicious email attachment or visiting a malicious website. Once your data has become encrypted, it becomes almost impossible to get that data back without the attacker decrypting it or giving you the key. Attackers may threaten to post your information on social media if you do not pay the ransom, possibly damaging your company’s reputation. If you pay the ransom, there is no guarantee that the attacker will decrypt your data.

What do threat actors want?

The main purpose behind a business ransomware attack is to extort a business for monetary gain.

Famous incident:

In 2021 the meat processing company JBS paid in Bitcoin the equivalent of $11m in a ransom to put an end to a major ransomware attack on its networks. The attack temporarily shut down some operations in Australia, Canada, and the US.

How can an attack be prevented?

• Do not click suspicious links in emails or on the web.

• Do not open attachments from emails from untrusted sources.

• Keep a reliable antivirus program installed, and keep it up to date.