What is ransomware and how can it affect your firm?

In recent years, the problem of cybercrime has grown exponentially and now presents a considerable danger to individuals and firms alike. It's estimated the revenue generated by online crime will total $6 trillion in 2021 alone - with that figure predicted to rise to a colossal $10.5 trillion by 2025. 

Types of attacks

As well as standard virus attacks and security breaches, there has been an alarming rise in the number of ransomware attacks in recent years, particularly aimed at the Small to Medium-sized Enterprise (SME) sector. But just what is this type of attack, how does it work and how can you prevent ransomware from affecting your firm? Read on to find out more about this growing and increasingly common security concern.

What is ransomware?

The clue is rather in the name with this type of cyberattack: ransomware is a method hackers use to extort money from companies and individuals by essentially taking their sensitive data hostage and demanding a ransom. In a ransomware attack, a hacker will infect the target's machine with malware solely intended to lock it down and prevent access. The malware can lock down files or an entire computer and, if spread across a company network, can even take control of the entire network and every connected computer. If the hacker doesn't receive the requested payment, the machine (or network) will remain locked and encrypted.

How does ransomware infect a computer?

The most common way ransomware is spread is via email, typically coming from an apparently known and trusted source. Often the hacker will research company employees, then send a bogus email masquerading as a known contact or firm to instill sufficient trust in the target user so that they download, open or install files sent as attachments. It's also not uncommon for the hacker to redirect the user to an infected website or, again, attempt to appear as a trusted entity and encourage file downloads. For this reason, ransomware is extremely hard to defend against, even if you already employ security on your network, since its installation is normally a manual process carried out with the user's consent.

How will I know if I've been the target of a ransomware attack?

Ransomware can reside on an owner's machine for many months - even years - before being activated by the hacker. Once activated, the locking process will begin and the user will no longer be able to access their files. At this point, normally a ransom message appears on the infected machine demanding the payment of the ransom to regain control of the locked data. 

How can I protect my firm against a ransomware attack?

The first step to defend against ransomware is creating awareness among your employees of the dangers. Unfortunately, research proves humans are often the weakest link when it comes to corporate security and, unless your workers are aware of how ransomware works and the dangers it poses, they're unlikely to know how to protect against it. As ransomware most commonly comes via email, you should also ensure you operate some form of spam filter and monitoring software to strip or quarantine executable files contained in emails. For an extra level of protection, you should also regularly back up your data to minimize data loss in the worst-case scenario of suffering an attack.
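
One way to implement the "strip or quarantine executable files" step described above, as an added example that is not part of the original article. The extension blocklist, the function names and the sample message are all assumptions constructed for illustration; the check looks at both the file name and the first bytes of the content, so an executable renamed to look like a document is still caught.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed blocklist for this example; adjust to your own mail policy.
RISKY_EXT = {".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".ps1", ".msi", ".hta", ".lnk"}

def risky_reason(filename, payload):
    """Return why an attachment should be quarantined, or None."""
    name = (filename or "").lower().strip()
    ext = "." + name.rsplit(".", 1)[1] if "." in name else ""
    if ext in RISKY_EXT:
        return "blocked extension " + ext
    # Windows executables begin with the bytes "MZ" whatever the file is named.
    if payload[:2] == b"MZ":
        return "executable content named as " + (ext or "no extension")
    return None

def quarantine_executables(raw):
    """Replace risky attachments with a notice.

    Returns (cleaned message bytes, [(filename, reason), ...]).
    """
    msg = message_from_bytes(raw, policy=policy.default)
    removed = []
    for part in list(msg.iter_attachments()):
        name = part.get_filename()
        reason = risky_reason(name, part.get_payload(decode=True) or b"")
        if reason:
            removed.append((name, reason))
            part.clear()  # drop the payload and its headers
            part.set_content("Attachment removed by mail filter: " + reason)
    return msg.as_bytes(), removed

def build_sample():
    """Constructed test message: one body, three attachments."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "billing@example.com", "user@example.com", "Invoice"
    m.set_content("Please see the attached invoice.")
    for fname, data in [("invoice.pdf.exe", b"MZ\x90\x00constructed"),
                        ("report.pdf", b"MZ\x90\x00constructed"),
                        ("notes.txt", b"plain constructed text")]:
        m.add_attachment(data, maintype="application", subtype="octet-stream", filename=fname)
    return m.as_bytes()

if __name__ == "__main__":
    _, removed = quarantine_executables(build_sample())
    for name, reason in removed:
        print(name, "->", reason)
```

A filter like this complements employee awareness rather than replacing it, since links to infected websites carry no attachment to inspect.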