Ransomware is one type maliciousυ λογισμικού που κλειδώνει μια device ή κρυπτογραφεί το περιεχόμενο στη συσκευή και στη συνέχεια εκβιάζει το χρήστη να πληρώσει λύτρα για να αποκτήσει και πάλι πρόσβαση στο περιεχόμενό του.
And of course, devices are not just mobile phones and computers, they are also servers and the Internet of Things or Internet of Things (IoT).
Therefore, in case of ransomware infection (and non-existent or non-functional backups), the company loses access to invoices and customers, for example.
This form of attack can temporarily interrupt the company's work or production process. Depending on the business or organization, the ransomware attack is likely to have consequences for its customers, which can eventually lead them to turn to a competitor.
According to ESET, companies often consider ransomware as their biggest security problem. However, this is not necessarily because ransomware attacks are more common than other forms of cyberattack, but because such attacks are often widely publicized. So even someone who has never experienced an ransomware attack can realize that this type of cyber attack is a serious threat.
The electronic email remains the most common way of ransomware infection
While ransomware infection often starts with a click on a suspicious link or fake invoice, ESET has found that email remains the most common method of distribution in a two-step process, with a download program delivered first, followed by ransomware as secondary infection.
The need to raise employee safety awareness
It is unclear whether successful ransomware attacks are due to the skill of attackers or the negligence of employees. Some types of ransomware are highly sophisticated, while others are not. The risk of ransomware infection is one of the many reasons why the Companies they should focus on training their employees on cyber security so they know for example what links not to click and what to do if a security mistake has already been made.
Unequal distribution of investments in security issues
Some companies spend hundreds of thousands or even millions of dollars on various advanced security solutions, but not a few thousand more on a well-trained staff responsible for developing and managing network security measures. Instead, companies often choose to acknowledge that there are security vulnerabilities and make this decision because they do not expect to be attacked by ransomware.
The basic rules to follow
According to ESET, the basic rules you need to follow to avoid data loss are:
• Back up your data frequently and keep at least one full backup offline.
• Keep all your software - including operating systems - repaired and up to date.
However, holistic coverage should be the first goal of any comprehensive cyber security strategy. This starts with a reliable and multilevel endpoint protection solution, followed by ongoing maintenance and best security practices.
FOR HISTORY:
In 1989, the first ransomware attack was carried out with the… postman
The first documented case ransomware occurred in 1989. It was called the AIDS Trojan and spread through thousands of floppy disks sent by mail. These disks reported that they contained a database on AIDS and the risk factors associated with the disease.
In fact, the floppy disks contained malware, which disabled users' access to much of the contents of the hard disk. The AIDS Trojan demanded a ransom (or as the related message called it, “payment license”), amounting to US$189, which should be sent to a PO Box in Panama. The person responsible for this particular ransomware was Dr. Joseph Popp.
