Ransomware is an increasingly hot topic for security and IT teams. Organizations are attempting to fight back against this malicious software, but it is a battle that is hard to win. Just last year, ransomware cost businesses $1 billion. And it’s more than just monetary costs — organizations lose significant operational time and take a negative hit on their reputation with every breach. Less than half of all organizations who are ransomware victims ever fully recover their data, whether they pay up or try to restore from a backup. Effective ransomware protection especially in the form of email security is necessary for defending your organization.
In 2016, ransomware cost businesses $1 billion.
Ransomware is malicious software, or malware, that infiltrates a victim’s computer or device and encrypts all the files on the device that it can access. Until the ransom is paid the files are inaccessible. Sometimes, hackers will add an additional blackmail threat of publicly releasing sensitive data. The vector for ransomware is overwhelmingly an email that convinces users to click on a malicious link or a malicious attachment.
Although there are many ransomware variants, the two most popular are Locky and CryptoLocker. Both types of ransomware are distributed through malicious email attachments and booby-trapped URLs (also usually emailed). Once the ransomware is activated, it quickly encrypts all files it can find on the device and renders them inaccessible. With the encryption complete, hackers request ransom payments for the files to be unencrypted. If victims refuse to pay the ransom or let the deadline pass, many cybercriminals threaten to delete the decryption key or raise the ransom significantly.