Ransomware: Defined

January 19, 2021
IT Security, News, Technology


Your data is the lifeblood of your business. For a small to midsized business, data holds a wealth of knowledge and insight that can help identify patterns, improve customer service, drive new business, track performance, and make better strategic decisions.

The value of your data is the very reason why cybercriminals are actively trying to find ways to steal or sabotage it. They use malware, or malicious software, such as computer viruses, spyware, worms, Trojan horses, and ransomware to damage your data and gain access to your systems. With your data in their hands, they can exploit your business for financial gain.

This blog post will focus on one of the most popular and effective malware attacks that your business needs to be protected from: ransomware.

What is the Definition of Ransomware?

Ransomware was the attack of choice this past year. Capitalizing on the pandemic’s chaos and uncertainty, cybercriminals infiltrated vulnerable businesses and caused considerable panic and downtime. The definition of ransomware is:

“A type of malicious software designed to block access to a computer system until a sum of money is paid.”

Ransomware can be delivered through a number of delivery systems, including phishing emails, online advertisements, free software downloads, and remote desktop protocol (RDP). All it takes is one click, and the damaging software program moves fast. Ransomware gets installed on a computer, immediately locks the device, and encrypts all the data files on the machine and any networks it is connected to. The infected user loses all access to their files and/or device and receives a ransom demand.

The only way to get your data back is to restore a backup or follow the instructions and pay the ransom. Unfortunately, paying the ransom has major consequences. Paying the ransom doesn’t guarantee that you will regain your stolen data and stop the attacks. In many cases, cybercriminals receive one payment for the decryption key and demand a second payment to delete the sensitive data they have taken. It is also illegal now to make a ransomware payment in the United States. Learn more about the advisory on potential sanctions risks for facilitating ransomware payments here.

Types of Ransomware and Recent Attacks

As defensive measures get more advanced, today’s ransomware attacks are becoming more sophisticated and aggressive than they have ever been. From impersonating law enforcement agencies to bank scams, cybercriminals will do anything to take advantage of users and hold their data hostage for money. Their goal is to maximize potential damage and payoff. As a result, new ransomware strains and variants continue to surface at a rapid rate.

Here are some of the more common types of ransomware that have impacted many businesses over the past few years:

  1. CryptoLocker is the original ransomware strain that has continued to evolve since it was released in 2013. It was the first ransomware virus to infect PCs through a download from a compromised website or email attachment. It infected over 250,000 machines in the first four months. Read more about it here.
  2. Cerber ransomware was released in 2016 and targeted cloud-based Microsoft 365 users with an elaborate phishing campaign. It has infected millions of users, and as it continues to advance, it is considered one of the biggest ransomware threats today. Learn more about it here.
  3. Locky is a ransomware strain that infects networks through Microsoft Word attachments containing malicious macros. It targets a large number of file extensions and encrypts data on unmapped network shares. Learn more about it here.
  4. WannaCry is a ransomware worm that viciously attacked vulnerable SMB services at railways, telcos, hospitals, and universities all over the world. It targeted unpatched Windows 7 machines and had a short ransomware deadline. As the biggest ransomware outbreak in history, this strain infected over 300,000 computers in 150 countries. Read more about it here.
  5. Ryuk is a type of ransomware with the ability to identify and encrypt network drives and resources, as well as delete shadow copies on the endpoint. Without external backups or rollback technology, recovery from an attack is impossible. Ryuk is delivered by spam emails and targets high-profile public entities like hospitals and newspapers. It is considered the most profitable ransomware attack, generating more than $61 million in ransom payments since 2018.

Ransomware attacks have gotten much worse over the years. Cybercriminals aren’t just encrypting your files; they are analyzing and identifying your most valuable data and interfering with backups to cause as much operational disruption and panic as possible. To learn more about existing ransomware strains and families, check out this comprehensive list from KnowBe4.

How to Ensure Your Business Has Ransomware Protection

With global ransomware damage costs forecasted to reach $20 billion in 2021, Cybersecurity Ventures predicts a ransomware attack on businesses every 11 seconds. These costs include damage and destruction (or loss) of data, downtime, lost productivity, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hostage data and systems, reputational harm, and employee training in direct response to the ransomware attacks.

Despite what you may have heard, there is no single solution to prevent a ransomware attack. When you look at the rate at which new ransomware variants emerge, the most effective approach is a multilayered defensive line that includes a combination of email security software, anti-virus/anti-malware software, cybersecurity training, endpoint detection, patch management, data backups, and business continuity and disaster recovery (BCDR) planning. Discover more about ransomware protection solutions here:


Prepare, Plan, and Prosper: Build Your 2021 Business Assurance Plan

To help improve the ransomware prevention approach of our customers, Tigunia hosted a free lunch-and-learn webinar with the cybersecurity and data backup specialists at Datto for an expert look at ransomware prevention solutions and the importance of having a business continuity strategy in place.

During this webinar, we explored some of the most pressing issues related to data security and ransomware, including:

  • Ransomware awareness and where your business is currently exposed to ransomware attacks
  • Ransomware evolution and the most effective solutions to combat ransomware
  • Business assurance planning and the importance of business continuity and disaster recovery (BCDR) planning in reducing downtime from ransomware
  • Multilayered ransomware prevention approach to reduce downtime

Missed it? No problem. You can catch it on demand.