What is ransomware? Everything you need to know

null
Ransomware - latest statistics

- Almost half (49 per cent) of UK businesses would pay ransom following a ransomware attack (Malwarebytes)

- Ransomware victims have paid more than $25 million in the past two years to get their data back (Google)

- The number of ransomware attacks increased by 752 per cent in 2016 (Trend Micro

Ransomware: What’s new

10/07 - NEWS - Malware and ransomware see huge rises across the world - Cybercriminals turn to encryption to help deliver their malicious payloads...

27/06 - NEWS - Sophos: Why you still need to beware ransomware - Despite all the latest advances, "brilliantly effective" malware and ransomware attacks still dominate the threat landscape...

25/06 - FEATURE - MattBody/Sophos - Ransomware – fail to prepare, prepare to fail - When it comes to falling victim to a ransomware attack, it's not a case of 'if' but 'when'...

11/05 - FEATURE - Paolo Passeri/Netskope - Bigger than Ransomware, CryptoJacking is the new money maker - While ransomware requires the participation of victims, cryptojacking can run almost undetected on users' systems...

10/04 - NEWS - Ransomware most popular form of malware - Malware is still too easy to build, easy to deploy, and easy to monetise...

09/04 - NEWS - Cryptomining looks to topple ransomware as top threat to businesses - Criminals expand their repertoire as businesses come under more threats than ever...

04/04 - NEWS - Fewer records breached as cybercriminals focus on ransomware and destructive attacks - IBM's X-Force Threat Intelligence Index details the spread of ransomware in 2017...

29/03 - FEATURE - David Trossell/Bridgeworks - Cyber-Security: How hospitals can prevent ransomware - Hospitals are vulnerable to the same cyber threats as businesses and must take action to protect themselves...

28/03 - NEWS - Ransomware costing UK companies £346m - Businesses have realised that ransom demands are just part of the cost of falling victim to an attack...

23/03 - NEWS - Cryptojacking takes over from ransomware as cybercriminal's choice - Symantec report finds cryptocurrency-related hacks gaining popularity at the expense of ransomware...

07/03 - NEWS - British businesses hit by 38 unique ransomware attacks each day - Less attacks, but more variation, means companies need to be on their toes even more...

12/02 - NEWS - Ransomware costs European SMBs £71 million in downtime - Some businesses still decide to pay the ransom as they see it as a cheap way out...

07/02 - NEWS - Microsoft & Google unable to detect new zero-day ransomware - The ShurL0ckr ransomware was able to avoid detection by a majority of anti-virus engines and cloud applications...

31/01 - NEWS - Over half of companies hit by ransomware last year - Some companies were affected to the cost of many millions, research finds...

26/01 - NEWS - Ransomware threat hits new highs for UK users in 2017 - Malwarebytes report reveals huge growth in scale and threat of cybercrime targeting UK users...

20/12 - FEATURE - Mark Banfield/Autotask - 6 Ways ITSPs can lessen ransomware risk for clients - No organisation is entirely safe from ransomware and other cyber threats...

18/12 - NEWS - 2018 could be the biggest ransomware year yet - Kaspersky Lab also notes record year in malicious file detection, but predicts rise in ransomware threats too...

07/12 - NEWS - Can businesses fight back against the surge of ransomware in 2018? - Beware the 'New Mafia' of cybercrime, Malwarebytes study warns...

29/11 - NEWS - Ransomware set to get even more profitable in 2018 - McAfee predictions for the year ahead predict yet more ransomware, along with possible threats to home privacy and even "digital baggage"...

28/11 - FEATURE - Linus Chang/BackupAssist - Startling facts you need to know about ransomware and what to do about them - Having a secure backup of your sensitive documents is the best defense against ransomware...

21/11 - FEATURE - Jason Hart/Gemalto - The rise of ransomware and data breaches have revealed the poor state of businesses cybersecurity - What can businesses do to avoid becoming a hacker’s easy target, and how should they keep their data safe?

13/11 - FEATURE - Dena Bauckman/Zix - Pay up: An examination of ransomware’s ascension and propagation - Previous prevention strategies will become less effective as ransomware threats continue to evolve and organisations must remain diligent to stay ahead of the curve...

03/11 - NEWS - 2018 could see more ransomware attacks than ever before - No platform is safe from ransomware, SophosLabs report warns...

01/11 - FEATURE - Alexander Ivanyuk/Acronis - Bad Rabbit — Inside the latest ransomware - There is still a lot of education that needs to be done to make such attacks less effective...

31/10 - NEWS - Ransomware attacks hit new high in 2017 - NotPetya takes top spot as Webroot's most damaging attack of 2017, followed by WannaCry and Locky...

25/10 - NEWS - New Bad Rabbit ransomware hitting Eastern Europe - Security researchers confirm new strain has spread through a fake Adobe Flash Player installer...

24/10 - FEATURE - Nilly Assia/Portnox - Phishing and Ransomware – your inbox’s worst nightmare - Opening emails and attachments from unknown senders could spell disaster for your organisation...

12/10 - NEWS - Businesses love Office 365, but ransomware is holding them back - Almost every organisation out there is afraid of being hit by ransomware...

12/10 - FEATURE - Nigel Tozer/Commvault - Ransomware is a deadly enemy – even if security is built like a fortress - As ransomware evolves, it becomes even more essential for organisations to backup their data securely...

29/09 - FEATURE - Rick McElroy/Carbon Black - The past, present, and future of ransomware - Today, cyber extortion utilises ransomware as its preferred tool. It wasn’t always that way...

28/09 - NEWS - Europol names ransomware as number one cyber threat - Policing report finds ransomware has grown to become one of the most pressing cybercrime threats...

28/09 - FEATURE - Rory Duncan/Dimension Data UKI - Ransomware: The pervasive business disruptor - By implementing the framework outlined here, businesses will have a fighting chance of disrupting an attack before it can disrupt business operations...

25/09 - NEWS - A quarter of UK councils hit by ransomware - UK councils are a popular target for cyber criminals, according to a new report by Barracuda Networks...

22/09 - NEWS - SMBs paid out £222m in ransomware demands last year - Five per cent of all small and medium-sized companies in the entire world were victims of a ransomware attack in 2016 alone, with the money paid out to reclaim data reaching new highs, research has revealed...

13/09 - FEATURE - Richard Stiennon/Blancco Technology Group - Ransomware attacks: One critical prevention method CISOs are overlooking - Data sanitasation can play a key role in helping your organisation recover from a ransomware attack...

12/09 - FEATURE - Tony Rowan/SentinelOne - Ransomware and the art of manipulation - By understanding the psychology behind ransomware, organisations can gain a better understanding of what motivates cyber criminals...

08/09 - FEATURE - Richard Henderson/Absolute - Why patch management to protect against ransomware is easier said than done - The explosion of mobility, cloud technologies, and the Internet of Things (IoT) have changed the game, expanding the attack surface to create millions of new potential points of entry for cyber criminals...

17/08 - FEATURE - Nicola Whiting/Titania - How military forces are combating the ransomware epidemic - Organisations should follow the military's lead by adopting automated tools to combat cyber threats...

16/08 - FEATURE - Simo Kamppari/Promisec - Ransomware threat accelerates with spotlight on endpoint security - It is now imperative that organisations prepare their networks and devices for the next ransomware attack...

14/08 - FEATURE - Jason Allaway/Ivanti - A game of keyboards: How businesses can defend themselves in the age of nation-state ransomware - Here are the five basics that companies must get right if they are to avoid finding themselves in the middle of a cyber game of thrones...

03/08 - NEWS - UK SMBs are failing to address ransomware threats - Webroot report reveals significant false sense of security at many businesses despite public awareness of WannaCry and NotPetya...

28/07 - NEWS - UK businesses most likely to pay ransomware fees - The cost of paying Ransomware are less destructive than downtime that follows, report shows...

28/07 - FEATURE - Matt Lock/Varonis - NotPetya: Not your average ransomware - The latest ransomware attacks locked users out of their systems as opposed to just encrypting their files...

26/07 - NEWS - Ransomware victims handed over $25 million in payments in the last two years - However it's unclear how much of that money made it back to the criminals, Google report claims...

24/07 - FEATURE - Phil Bridge/Kroll Ontrack Data - Petya – ransomware failing to hold us to ransom? - Despite the uproar caused by the latest ransomware attacks, the cyber criminals behind them were unable to collect payments from victims....

19/07 - FEATURE - Bogdan Botezatu/Bitdefender - The Petya attack was anything but petty ransomware - Poor implementation of the payment processing algorithm, paired with an unfortunate choice of victim country makes us think that this attack spelled “cyber-war” more than it spelled “money”...

14/07 - FEATURE - Raef Mauweisse/Cyber Simplicity Ltd - When it comes to Ransomware preparedness, complacency is no longer an option - Cyber criminals have stepped up their game and your organisation should too... 

To view all of our ransomware coverage, click here.

 What is ransomware?

Ransomware is one of the most virulent forms of malware, and one which has unfortunately become increasingly popular in recent years. Once installed onto a victim's computer, typically via clicking on an attachment or link within an email, the malware quickly encrypts all the data on the device, rendering it inaccessible and effectively locking the victim out.

The user is then confronted with a pop-up window or message explaining the infection, and explaining that if they wish to release their files, they will need to issue a payment, which can either be in cash, or increasingly in cybercurrencies such as Bitcoin - which are harder to trace.

The warning windows or message are sometimes disguised as coming from law enforcement or government agencies, making the user that they are being suspected of illegal or criminal activity in order to pressure them into paying.

PC devices are not alone in being attacked, either, as criminals have also recently moved into smartphone ransomware, meaning that using your mobile devices could also be risky.

Several recent major ransomware attacks, including WannaCry and NotPetya, have made headlines around the world, as due to its flexibility, the malware is able to infect all kinds of devices, whether belonging to corporate or consumer customers.

Ransomware FAQ

  •  How much does it cost to get your files back from a ransomware attack? 

The customisation of ransomware attacks has meant that criminals are able to tailor their demands depending on their victims, and the scale of their attacks.

Recent research from security firm Malwarebytes found that over half of all British businesses had been targeted by a ransomware attack over the past twelve months.

Over a third of victims had lost money as a result of an attack, and a fifth of British companies who had been hit by ransomware reported were asked for more than $10,000 to unlock their files, and three per cent of the demands topped $50,000.

One of the highest payments ever seen came back in March 2017, when the Hollywood Presbyterian Medical Center in Los Angeles paid out $17,000 in bitcoin.

Malwarebytes’ report found that a fifth of British companies who had been hit by ransomware reported were asked for more than $10,000 to unlock their files, and three per cent of the demands topped $50,000.

However attacks targeting individual consumers typically ask for ransoms in the hundreds of pounds or dollars.

  • What steps should I take if my business is hit by a ransomware attack? 

As with many cyber-attacks, staying calm and not panicking is always a useful first step.

Paying the ransom is not usually advisable, not least for the fact that it will only continue to encourage future attacks. Even if you do pay and get your files back, hackers may still have access to your device, meaning you could be hit again in future, leaving you even further out of pocket.

Unless all of your devices come under attack at once though, it should be possible to search online using a mobile or tablet device to see what steps you are able to take if your PC is hit.

Many of the world’s top online security firms offer free ransomware decryption tools, with the likes of Kaspersky working with Coinvault and Bitcryptor to help out consumers in need.

  • How can I protect against ransomware attacks?

As with most of the guidance towards staying safe online, protecting yourself from ransomware is largely a matter of common sense.

Keeping all your online security products updated, and ensuring you make frequent back-ups of all your data are simple steps, but may help reduce the impact of an attack.

The amount of investment and research carried out by antivirus firms these days means that even the free services are able to keep on top of the latest threats - and point you in the right direction if anything more serious appears.

Cyber-attacks are often designed to target large numbers of victims at once, so it's likely you will not be the only one affected.  As mentioned, the leading antivirus researchers always keep an ear to the ground to track the latest attacks, and should be able to offer guidance on the immediate steps.