Early on the morning of May 12, 2017, a computer user in Europe opened an email attachment that unleashed a virus called WannaCry. Soon, the virus spread across at least 200,000 computers around the world. Hospitals, telecommunications companies, manufacturers, oil companies, and other organizations were suddenly locked out of their own information. The cybercriminals demanded the equivalent of $300 in Bitcoin to unlock each of these accounts.
What is ransomware and how can companies protect themselves from these kinds of cyberthreats? Here are five things businesses should know.
- What is ransomware?
Ransomware is a type of malicious software (malware) that encrypts computer hard disks and locks them down until the users pay a ransom in exchange for their data to be decrypted—returning access back to the user. The recent attack exploited a Windows vulnerability to install the malware and then spread it around the world.
- When did the first ransomware attacks occur?
The first recorded ransomware attack emerged from a floppy disk in 1989. Since then, these attacks have become more and more sophisticated. Today, cybercriminals spread malware using techniques such as phishing emails, compromised websites, free software, and infected advertisement banners.
- What was unique about this recent ransomware attack?
Although ransomware attacks are not new, this recent attack was unique in its ability to quickly propagate across networks, allowing it to rapidly spread to other Windows systems across the globe.
- Can having the right information security technology protect my company from ransomware attacks?
It’s definitely a start. But it’s not just a question of installing the right security technology. Many companies are already well-covered by the most updated security solutions; however, these solutions form only a piece of a comprehensive cybersecurity program.
- What else can companies do to protect themselves from ransomware and other cyberthreats?
They can take a top-down, business-oriented approach to cybersecurity. This includes implementing both organizational and technical countermeasures across every level of the corporation. Everyone in the company, including the board and c-suite, should understand the cyberthreats we face today and the financial, reputational, and business risks they pose. Empowering a dynamic chief information security officer (CISO) to call the shots and educate others can make a big difference.