In February 2016, hackers broke into the computer network of Hollywood Presbyterian Medical Center in Los Angeles, CA. After the hackers encrypted sensitive medical information, they and the hospital negotiated a ransom of $17,000 to return the files.
The hackers were able to get into the hospital’s system through a malicious file called ransomware. Ransomware is a form of malware that invades a target computer and encrypts data, so that users can no longer access their files. The most common ransomware programs are CryptoWall, Locky and TeslaCrypt.
After scanning an infected hard drive for common file types, such as media files and documents, the software will encrypt those files, hiding them in a coded message. Only users with an encryption key, a more complex version of the Ovaltine decoder rings, can read the files.
The ransomware will then leave a note on the desktop with instructions to pay a ransom for the key. The message often threatens to raise the ransom amount if it is not paid by a deadline. It may also demand that the target transfer the ransom money to a pre-paid account or through Bitcoin, a digital currency that keeps transactions anonymous, so that the ransom cannot be tracked back to the hacker.
Ransomware often uses AES-256 and RSA encryption. Breaking the code would take a government-sized institution an unreasonable amount of time. It is simply easier for businesses to pay the ransom.
Data recovery software may be able to recover your data on the attacked drive, since ransomware often makes a copy of the file to encrypt, and deletes the original copy. However, more recent ransomware may try to overwrite drive sectors when the victim tries to recover the original files. Victims may risk losing their files altogether.
The FBI’s Internet Crime Complaint Center reported that ransomware cost its victims more than $18 million between April 2014 and June 2015. The most common sources of ransomware attacks are malicious links, pop-ups, and file attachments from unsolicited messages. Prevention is the best way to stop ransomware from costing your business lost data, money, and time.
Here are a few tips to prevent ransomware from harming your business.