What is Ransomware

What could be worse than a hacker breaking into the entire data system of your company and taking everything from you? Certainly a hacker breaking into your data system and asking for a ransom to bring your data back. And in case you don't pay the ransom, you could lose everything.

The name of this type of cyber attack is ransomware, and it can be a big problem for you and your business if you don't have adequate protection.

How a ransomware attack happens

What makes ransomware so difficult to detect is because it is always very ‘masked’. This malware can be installed on your computer via malicious websites, suspicious links via email, or installation of vulnerable apps. Ransomware can also appear in links sent by social networks, wildly used to spread viruses today.

Once downloaded and opened, a malicious program installs itself and takes control of your data storage.

One of the most aggressive ransomware attack is Petya, also called NotPetya or ExPtr. Which exploits security flaws to infect systems and thus encrypt data and, at the end of the process, make you need a password, which is with the invader, to have access of the data again.

In another variation, called Leakware or Oxware, criminals do not pretend to be 'helping' the user but automatically ask for a ransom after the intrusion in exchange for not disclosing sensitive hard drive data.

Who is the main target?

There is no exact profile of who can be affected by an attack of this type, after all, it is enough to be vulnerable that your company will become a target. But we can identify a pattern of victims:

• Universities – attackers know that this type of institution tends to have smaller security teams, in addition to a large, often heterogeneous user base that shares a large number of files via email;

• Government agencies – This is believed to be because they need to provide immediate access to their files to thousands of users;

• Law firms – this type of company normally has confidential data and possibly can pay the ransom to prevent their data from being blocked or spread by the media.

How not to suffer attacks like these?

It is impossible to say that cybercriminals will not continue with their attacks, but we can say that you can be more safe in your business if they try.

With Cohesity, you can be protected in the fight against attacks. In addition to backing up your data to the secondary cloud to ensure the functionality of your system, Cohesity has Cohesity DataProtect Delivered as a Service, which protects your data before it is attacked and ensures fast recovery if an attack occurs. All this functionality means that your data is immutable so the hackers can't hold your data to ransom.

Contact us and learn more about Cohesity's solutions against ransomware attacks.