“If I could sum up why I’m committed to the HR Girlfriends community it would come down to because we are ‘….in this together.'”

~Sana’ Rasul, Chief Girlfriend

What you need to know about ransom-ware

Ransomware has on several occasions been termed the next biggest threat to internet security confronting the cybersafe communication systems. The fact that there is no sure way of preventing shielding oneself from this threat makes it difficult to bear. This news implies that every internet user, ranging from computer and smartphone to smart TV users, no one can claim immunity to this continually escalating menace.

However, knowing how these criminals take your businesses data hostage, their demands, the different types of malware they deploy and how to respond to either may help you minimize chances of falling victim. In other instances, such knowledge may help you know how to react to the hacker’s threats as well as limit the extent of your loss.

Here is everything you need to know about such an attack perpetrated against your business.

How does it work?

In most cases, it starts with the attacker spamming your emails or browser with contaminated links usually disguised as something else. Opening such emails or clicking on the said links initiates the installation process of the attacker’s virus or warm. The virus then encrypts your businesses critical files and data with some advanced viruses that tear your cybersafe veil and attack connected backups.

Upon successful encryption of your data, your attacker might contact you demanding ransom for your data that they usually prefer to be paid in the form of untraceable payment processes such as cryptocurrencies or western union.

Type of ransom ware

According to reports by Kaspersky Labs, there are primarily two types of ransom malware; Locker and Crypto.

Locker programs

These avoid the complicated encryption process and specialize in locking the user out of specific files or computer functions. The most popular often locked individuals out the desktop as well as blocking their internet access. Considering their limited intrusiveness, locker programs are easier to defeat.

Crypto malware

These are complex programs that install on your computer and corrupt, by way of encryption, some of your most sensitive data. Initially, these programs only targeted photos and contact details on your pc hard drive. However, with advancement in technology, this malware can now trace executable files on your computer and encrypt them until you pay for decryption.

Some malware like Chimera even threaten to publish the encrypted details online should you fail to meet their ransom demands. Others like the offline ransomware have devised methods of executing their encryption offline. Implying that they can still run commands on your disconnected devices where you store your backups.

Should you pay or not pay?

When faced with the threat of a cyber-criminal attacking confidentiality of a business and threatening to publish the organization’s contacts and contracts online, most people will go to any length to pay the attackers off. However, how sure are you that the attacker will furnish you with a decryption key or will they manipulate your resourcefulness and demand for more?

Studies on some of this malware such as Chimera indicates they are fundamentally flawed and can’t steal data from your computer let alone publish them online. Others like the Power Worm have a defective encryption process that renders whatever decryption key they offer you useless. Therefore, whether you pay or not, you still lose your data.

Therefore, when faced with such a challenge, the best course of action before contemplating pay would remain to inform relevant authorities such as the FBI. Their specialists would then advise on whether to pay or not based on the sensitivity of your business information and chances of recovery.

How to avoid becoming malware program victim?

The most cybersafe method of preventing random malware slipping into your computer system and encrypting your data is abstinence from accessing the internet. However, since this is impractical, you are advised to avoid accessing sensitive business sites outside a secure network such as over hotel and airport Wi-Fi.

Additionally, always confirm that these free hotel and airport Wi-Fi networks are cybersafe and legitimate before using them. It is also advisable that you stop opening suspicious e-mails and links.

Most importantly, ensure you constantly back up your business information in an unconnected device. A backup shields you from the irreparable losses should the ransomware menace catch up with you and for one reason or another fail to raise the ransom or lose the data.

Bottom line

No one knows if they will ever encounter a cyber-attack to their business. However, given its rapid spread across the world, it would only pay to know how to avoid falling prey to its fangs.

Reference links:
https://usa.kaspersky.com/resource-center/threats/ransomware-threats-an-in-depth-guide
https://www.entrepreneur.com/article/286431
https://www.stormwindstudios.com/3-critical-steps-to-stop-ransomware-like-wannacry-and-petya-today/

 

Looking to make your Company CyberAWARE?
Get hooked into Corporate Training!

Leave a comment

Never miss an opportunity to earn HRCI/SHRM credits, identify a mentor, or connect 1:1 with another HR Girlfriend in your city or across the country.

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

HR Girlfriends™ is a Human Resources networking organization dedicated to advancing the practice and culture of people empowerment. Our team of Girlfriends consult, train, educate, develop, share, promote, and advocate for solutions in the field of human resource management.

Are You IN?
Or Are You OUT?

It’s time you join forces with a community of like-minded peers ready to tackle the issues unique to the women of HR.
  • All
  • Affirmation
  • Career Mondays
  • Certification
  • COVID-19
  • CyberSAFE
  • Guest Blogger
  • HR Advisor
  • HR Law Alert
  • HR Q&A
  • HR Reading
  • HR Reel Talk
  • Join Our Team - Apply Now
  • Membership
All
  • All
  • Affirmation
  • Career Mondays
  • Certification
  • COVID-19
  • CyberSAFE
  • Guest Blogger
  • HR Advisor
  • HR Law Alert
  • HR Q&A
  • HR Reading
  • HR Reel Talk
  • Join Our Team - Apply Now
  • Membership
Affirmation

Affirmation: 4 Important Life Skills Your Parents Didn’t Teach You

We learn a lot of things in school, but many of them aren’t particularly valuable from the standpoint of practicality. You were probably required to …

Read More →
Career Mondays

Career Monday: Save Your Job – How to Deal With a Bad Boss

Odds are that you will have at least one bad boss sooner or later. It can be a very challenging situation without obvious solutions. But …

Read More →
HR Q&A

Q&A: Exempt Employee Taking Long Lunches

You can deduct hours from this exempt employee’s PTO bank for time she was scheduled to work but didn’t work, but if it wasn’t made …

Read More →
Share via
Copy link
Powered by Social Snap