Definition

Ransomware is a type of malicious software that blocks access to a computer system or data, usually by encrypting it, until the victim pays a fee to the attacker. In many cases, the ransom demand comes with a deadline. If the victim doesn’t pay in time, the data is gone forever.

How to Avoid Ransomware Attacks

• Defend your email against Ransomware : Email phishing and spam are the main way that ransomware is distributed. Secure Email Gateways with targeted attack protection are crucial for detecting and blocking malicious emails that deliver ransomware. These solutions protect against malicious attachments, malicious documents, and URLs in emails delivered to user computers.
• Defend your mobile devices against Ransomware : Mobile attack protection products, when used in conjunction with mobile device management (MDM) tools, can analyze applications on users’ devices and immediately alert users and IT to any applications that might compromise the environment.
• Defend your web surfing against Ransomware : Secure web gateways can scan users’ web surfing traffic to identify malicious web ads that might lead them to ransomware.
• Monitor your server, network and back up key systems : Monitoring tools can detect unusual file access activities, viruses, network C&C traffic and CPU loads, possibly in time to block ransomware from activating. Keeping a full image copy of crucial systems can reduce the risk of a crashed or encrypted machine causing a crucial operational bottleneck.

How to Remove Ransomware

• Call federal and local law enforcement : Just as someone would call a federal agency for a kidnapping, organizations need to call the same bureau for ransomware. Their forensic technicians can ensure systems aren’t compromised in other ways, gather information to better protect organizations going forward and try to find the attackers.

Ransomware Recovery

• Learn about anti-ransomware resources : No More Ransom portal and Bleeping Computer have tips, suggestions and even some decryptors for selected ransomware attacks.
• Restore data : If organizations have followed best practices and kept system backups, they can restore their systems and resume normal operations.