20Oct

There’s a 50% chance that your computer at work could be infected with ransomware especially with more online interactions.

With ransom transactions averaging over US$80,000 in 2019, malicious software is quickly becoming cybercriminals’ choice of weapon.

Ransomware uses internal systems to encrypt a series of files and deactivate troubleshooting processes, preventing access to your own data.  The hacker essentially holds your data hostage until your business pays up a substantial amount.

Is your business prepared to deal with these types of cyberattacks now that you’ve shifted to more digital processes?

Cybersecurity training plus a good cybersecurity insurance plan are two crucial ways to safeguard your company from liability and the cost of cyberattacks. But how exactly does ransomware get to your computers and devices?

1. EMAIL

Ransomware sent via email is what’s usually called phishing. A majority of ransomware is delivered via phishing. Hackers use legitimate-looking emails to trick recipients into clicking a link or downloading an attachment that contains malware.

The recipient will then get redirected to a malicious site that starts the download of ransomware. Attachments to emails come in various formats like Word, PDF, Excel or ZIP files to make the email seem safe. When the attachment is opened, the ransomware instantly uploads itself, encrypting and holding files for the hacker.

To minimize the chances of falling victim to phishing, manually entering the links in your browser, hovering over links, and expanding shortened URLs can help prevent you from clicking on them.

For attachments, check if the sender’s email address is legitimate by reviewing the domain extension (e.g. sendersname@gmail-net.com is a suspicious address). And only open files sent by people who you trust.

This site helps you check if a certain domain is temporary or a throw-away: https://www.block-disposable-email.com/cms/

2. Remote Desktop Protocol (RDP)

RDP is a communications protocol that allows IT admins to get access to other systems (e.g. company employees).  During the process of gaining access to a system, a computer can become exposed to hackers for a window of time. This is when hackers attack and deploy ransomware.

Make sure your IT puts in place authentication factors and added security measures for all your ports. This is more of a task for the IT department but is still worth knowing when you’re running checks throughout your system.

3. Illegal or Pirated Software

Some companies cut costs by subscribing to pirated or unlicensed software because they don’t see the value of cybersecurity in relation to the tools they use on their computers.

Hackers can easily embed malicious ware when you download from unsecured software sites.

The quick solution to this is to invest in licensed software especially if you’re using it daily. To prevent ransomware infections via pirated software, avoid downloading activators, key generators and software cracks from torrent websites. It’s also best practice to use a complete anti-malware application to detect any installations happening in the background while your computer runs throughout the day.

There are other channels to which malware infects systems. Make sure your employees undergo cybersecurity training and have a robust liability insurance cover in place to protect your business.