Ransomware has been a prominent threat to organizations and individuals alike since the mid-2000s, but have become much more crippling to victims in recent years. Over the last year, large ransomware attacks began infecting computers all over the world taking down systems across multiple industries. The most notorious and largest cyberattack in history, dubbed the “WannaCry”, hit in May attacking more than 200,000 computers in over 150 countries in a matter of hours. Striking again in June, another widespread attack hit major companies overseas hard. In both instances, attackers held the organization’s files hostage in exchange for a ransom payment which majorly disrupted day-to-day business operations. The use of these new technologies and strategies are making ransomware ambushes more powerful for cybercriminals.
Ransomware is a type of malicious software or malware designed to prevent users from accessing their systems unless a ransom is paid. These attacks can come from downloading malicious websites, spam emails or exploit kits preying on vulnerable systems. While some simple ransomware may lock a system which can be reversed by a technically savvy individual, today’s more advanced malware uses a technique called cryptoviral extortion. Infecting computers and propagating itself throughout a network encrypting files, this type of ransomware renders files unreadable by the organization until they pay the attackers to provide a decryption key. Demanding the ransom payment in the form of digital currencies, such as Ukash and Bitcoin, cybercriminals are able to protect their identity.
Organizations of all sizes should take these preventative steps to help minimize the risk of a ransomware attack on their computer systems.
Wondering if your systems are vulnerable to a ransomware attack? Contact Doeren Mayhew IT assurance and security consultants to perform an assessment of your system to detect potential risks to its integrity.
By John Hock, CPA, CISA – IT Audit Consultant, Doeren Mayhew
A quick registration is required to view our resources.
You will only be asked to do this one time (unless you don't save your browser cookies).