Watch this video and then read the article below.

What is Ransomware?

Ransomware is malicious code that is used by cybercriminals to launch data kidnapping and lockscreen attacks. The motive for ransomware attacks is monetary—cybercriminals often demand virtual currency from the victim, with instructions on how they can recover from the attack.

Ransomware attacks continue to run rampant worldwide. 4,000 ransomware attacks occurred per day in 2016, and according to the FBI, cybercriminals are expected to collect over $1 billion in ransom this year.

At this point, small organization leaders cannot ignore their increased need for an effective security solution. The best place to start is understanding the ins and outs of the biggest threat to modern business: ransomware.

How it Works

The deployment of a ransomware attack is strategic and insidious. Ransomware is a type of malware—or software that is intended to damage or disable computers and computer systems—and can be spread through malicious e-mail attachments, infected software apps, infected external storage devices and compromised websites.

In a data kidnapping attack, the ransomware may encrypt files on the victim’s device as well as other connected network devices. In the case of a lockscreen attack, ransomware may change the login credentials on the infected device.

It is inexpensive for cybercriminals to purchase ransomware-as-a-service (RaaS) programs in ransomware kits on the deep web, and the attacks take little effort to launch. Attackers can extort digital currency from their victims in a few different ways. For example, the victim may receive a pop-up message or email stating that if the ransom is not paid by a certain date, their data will be encrypted. The victim may also be duped into believing that they are the subject of an official inquiry that requires them to pay an electronic fine.

The State of Ransomware

The daily news is proof that business as we know it is wrought with cyber threats. With malicious attacks on the rise, organizations—especially small- and medium-sized businesses (SMBs)—are increasingly being targeted. Currently, 42 percent of employees in SMBs would not know what to do if their business experienced a cyberattack—which is largely due to the fact that  47 percent do not have employee security awareness and training programs in place. Cyber criminals are aggressively going after these businesses because they are easy targets.

Recently, large-scale ransomware attacks like SamSam, WannaCry and Petya – which use powerful exploits to enable rapid propagation across organizations—have further validated the need for enhanced IT security for businesses at high risk of shutting down if attacked. The facts are, businesses with 1,000 employees or less have a 90 percent likelihood of having a data breach costing more than $216,000, and 60 percent of small businesses close after a breach.

As an MSP who serves these SMB clients, it’s up to you to step in and provide robust cybersecurity that can withstand the modern threat landscape and ensure businesses remain protected and set to scale.

Key Terms & Definitions

Ransomware attack — a cyberattack where malicious software threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid.

Cybersecurity — the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this.

Social Engineering — the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.

Phishing — the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.

CEO Fraud — the latest in a new generation of cyberattacks involving impersonation of senior company officials, using social engineering to coerce employees to transfer company money under the auspice of a legitimate business purpose.

Bitcoin—a type of digital currency in which encryption techniques are used to regulate the generation of units of currency and verify the transfer of funds, operating independently of a central bank.

Wannacrypt — also known by the names WannaCry, WanaCrypt0r or Wcrypt is a ransomware which targets Windows operating systems.

Ransomware-as-a-service (RaaS) — a variant of ransomware designed to be so user-friendly that it could be deployed by anyone with little cyber know-how.