
By: Matt Kozloski on September 16th, 2016


Malware: What It Is, How It Spreads, and How It Has Become an Epidemic


When an entry-level employee, perhaps a brand-new hire who just received database access, receives an important-looking email from the CEO of the company, what does that employee do? In the vast majority of cases, he or she opens that email immediately—it must be important if it's coming all the way from the head of the company, right? The employee clicks a bogus link, nothing unusual happens, and the email is quickly forgotten. However, three weeks later, production grinds to a halt as every employee in the company, from entry-level to executive, discovers they've been locked out of the system. Until a Bitcoin payment is made to a secret address, the computers warn, access to the system will remain blocked.

What just happened?

This is a classic malware scenario that involves a particular type of malware called ransomware. As the name indicates, it holds data hostage until a ransom is paid. There are countless variations on this strategy, including variants where data is encrypted or where data is outright deleted—you're not getting it back whether you pay the ransom or not. Obviously, this is catastrophic from a business perspective, and the IT department will trace the attack to the email innocently opened by an unsuspecting employee.


What About Ransomware?

Ransomware is one of the most dangerous and profitable cybercriminal enterprises out there. Whereas a traditional malware application may collect company data and give it to hackers so they can sell it to the highest bidder, ransomware actively infects the host’s data and makes it completely inaccessible. A common strategy is to encrypt the entire database and force the victim to pay for the decryption key. Downtime is incredibly expensive, so, unsurprisingly, many companies choose to simply pay and hope they get their files back. Naturally, there is no actual guarantee that any decryption key will be provided, and no guarantee that the ransomware application won't encrypt the system again when the attacker needs more money.

If you implement just these few steps and make them a part of the way you do business, you'll be better off than the majority of companies on the market. The real challenge, however, is eliminating malware from its source. Every ransomware payment made simply reinforces its position as a profitable criminal enterprise. A comprehensive plan for mitigating cybercriminal behavior is a must for any business, in any industry or sector.


About Matt Kozloski

Matt is an IT industry veteran and well-versed in professional services. He is the former leader of the CT VMUG. VCDX # 194, CISSP # 526947.