Cyber Security 101: Understanding Ransomware

 A number of cyber attacks have been reported lately using ransomware to disrupt business operations of multiple industries. Last May, a ransomware named WannaCry infected over 230,000 computer systems worldwide, and just recently an updated variant called NotPetya managed to hit over 2,000 users in Russia, Ukraine, Poland, France, Italy, the UK, Germany and the US. News of these attacks have left some people wondering, what exactly is ransomware and how much of a threat does it pose?

Ransomware, true to its name, is a type of malicious software that attempts to take over the data stored in computer systems and block access from other users until a ransom is paid. This software is normally attached to an e-mail that encrypts the computer’s hard drive as soon as it gets opened, shutting down access to everything stored inside within seconds. Cyber criminals usually demand a monetary sum via Bitcoin as ransom, as the digital currency is unregulated and a lot harder to trace.

With most, if not all major industries relying on computers and technology to maintain their operations globally, a single system outage can result in multiple business disruptions. In less than 48 hours since NotPetya’s initial attack in Ukraine, the software has caused numerous interruptions in different industries across several countries. The attack has hit global logistics hard, as A.P. Moller–Maersk Group, an integrated transport and logistics company, has announced that multiple shipping and port operations worldwide have been affected, including a complete shutdown of a terminal in Rotterdam, NL. The Netherlands’ TNT Express, a subsidiary of FedEx, and German logistics company Deutsche Post's Express Division in Ukraine have also reported that their networks have been hacked and operations possibly compromised. Merck and Co., one of the world’s largest pharmaceutical companies, has also been hit by computer outages due to the software breach.

According to experts, the best way to protect information systems from ransomware is to exercise caution. After WannaCry’s outbreak accidentally met its end, network solution giants Microsoft and Cisco have worked overtime to make sure that an encore will not be possible. These companies have already released several patches and security upgrades that users should make use of to ensure that their systems are preserved. Some businesses have also created their own defenses through network systems that fight back upon detection of the virus. Ultimately, keeping data backed up to ensure that no information would be lost upon a systems breach should also help users feel more secure with their computer resources.

The emergence of ransomware as a legitimate threat is a sign that more importance should be given towards data security. While experts are still trying to find ways to completely eliminate its risks, users should also be proactive in protecting their information. Regularly backing up data, scanning for threats, updating security firmware and software patches can significantly affect the impact of ransomware on one’s network. As it is with everything, prevention is always better than cure.

RELATED POSTS

See How to Track and Monitor Events in Real-Time