Ransomware 101

September 19, 2023
Ransomware warning

Let’s Talk About Ransomware

You’ve probably heard of business websites and systems being hijacked by cybercriminals demanding cryptocurrency or other forms of payment. Maybe you haven’t thought about it much beyond that. But facing a ransomware attack can put your business operations and profits in jeopardy, so it is important to understand what ransomware is and some ways you may be able to prevent a ransomware attack. We’ll share some information about ransomware and tips for preventing a ransomware attack with you here.

What Is a Ransomware Attack?

According to the FBI, Ransomware is a type of malicious software, or malware, that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return. Businesses, including many small businesses, can become victims of a ransomware attack. Cyber threat actors will demand a ransom after the data is encrypted and is no longer accessible by the business. The data encryption could include files, databases, systems, and applications. 37% of all businesses and organizations were affected by ransomware in 2021.

Here are a few common ways ransomware can be delivered and deployed and tips for preventing ransomware:

Phishing Emails

Cybercriminals can put a convincing email together that looks legitimate. Employees sorting through the many emails they get may be prone to automatically opening such an email. This can lead to a redirect that automatically downloads malware. Often, the malware looks like a common file type like a Microsoft Word or Excel file, or a PDF. Opening these files can trigger the ransomware.

What a business can do to help prevent malware from phishing emails: Only open files received from a trusted source. If you receive an email from a client company contact whose name you don’t recognize, contact the company to verify their identity first. Preview URLs before clicking on links. Educate employees on these practices.

Pirated Software

Pirated software introduces huge cybersecurity risks. If a business suffers a loss due to the use of pirated software and files a claim with their cyber insurance carrier, the carrier may deny the claim.

What a business can do to prevent cyber-attacks from pirated software: This risk can be the easiest one to prevent. Only obtain software from legitimate sources and keep it updated. If it is a matter of affordability, check out the free tools offered by Google, like Docs and Sheets.

USB and Flash Drives

Hackers can load ransomware software onto flash drives. The software infects the business’s system when it is plugged into a port.

What can a business do to prevent flash drive malware downloads? Keep computer antivirus software up to date. It should be effective at catching any embedded ransomware before it causes a problem.

Visiting Unsafe Sites

We’ve all had our browsers stop us from visiting certain sites before. This is the browser’s way of reducing the incidence of ransomware. Sometimes a legitimate website can be compromised by a cyberattack, and there’s an automatic redirect to a malicious website.

What a business can do to prevent ransomware on malicious websites: An ounce of cyber prevention is worth a pound of cure. Remove unnecessary browser plug-ins and make sure the browser is up to date. Consider installing an ad-blocker that prevents pop-ups.

How to Respond to a Ransomware Attack

If a business website is your livelihood, having it held for ransom can be beyond infuriating. You may feel helpless and, perhaps, very inclined to pay the ransom and move on with your life. Consider these statistics before deciding to pay the ransom. 32% of businesses do pay the ransom but they tend to only succeed in getting 65% of their data back. While paying the ransom is an option despite being a roll of the dice, here are some alternatives to consider.

Have everyone in the business log off. Stop the ransomware spread by making sure no one is accessing their computers after ransomware has been detected.

Contact the hosting company. The business’s website hosting company has a vested interest in ensuring that the malware that has infected the system and the website does not spread further. They may be able to help regain control of the server space.

Engage your cyber insurance company. Some cyber insurance policies include coverage for forensic IT services and restoration of the computer system.

Revert to a backup. If a business has a website backup, they can have the website host revert to the backup. Try to make a list of the website’s updates and improvements that might not be included on the backup so the business can hit the ground running when the website is restored. Scan the backups before reverting to them to avoid re-introducing the infection.

Contact law enforcement. Consider contacting law enforcement in the event of a ransomware incident. The authorities may be able to identify the source and warn the public. They may have advice for ways to prevent ransomware incidents going forward.

Hire a security expert. A security expert is well-equipped to detect ransomware and repair the damage. This repair can be time-consuming, so it may be best left to the experts.

Improve the security software. When your business is back online, you won’t want to experience a ransomware incident again. Ensure that security software (antivirus software and software scanners) is in use and updated on all the business’s computers and systems.

Educate employees. Employees are your frontline in preventing cyber threats!

Why Cyber Insurance Is Important

Cyber insurance is one option that can help protect your business against losses resulting from a cyber-attack like ransomware. While it can’t prevent ransomware, it can be a good ally when it comes time to notify the affected customers, if needed. Cyber insurance typically covers the costs associated with restoration of lost data, lost business due to business interruption, restoration of computer systems, and related legal services. The fees for these services are not typically covered under other types of business insurance policies.

We hope this helps you understand what ransomware is, how to help prevent it, and how your business might respond to it. More than anything, we hope your business avoids becoming a victim of ransomware and other cyberattacks. Looking for more help? Check out our Cyber Insurance Checklist and contact the cybersecurity professionals at Acrisure Cyber Services.

The insurance products described are placed by Acrisure, LLC and/or its insurance producer affiliates. The non-insurance cybersecurity and related cyber services described are provided by Acrisure Cyber Services, LLC, an affiliate of Acrisure, LLC.

Share a Story

Have you noticed a trend in financial services? Curious how
we craft our content? Looking for Acrisure to comment in
the media?