Written by Michael Feder
Reviewed by Kathryn Uhles, MIS, MSP, Dean, College of Business and IT
Among other forms of malware, ransomware blocks you from accessing your files, passwords or additional personal information until you pay a ransom to regain control. Ransomware appears in 10% of all data breaches, doubling its frequency in a year.
While malware such as viruses, spyware and bots can injure your device’s productivity, ransomware will lock you out of your system until you pay to remove the malicious program. Find out how ransomware can compromise your computer systems and how you can avoid it.
Ransomware may come from numerous sources. Whenever a user visits a compromised webpage, opens a malicious email attachment, downloads an infected program, or communicates with another user whose device is infected with malware, ransomware can attach itself to their device.
Often, ransomware can reach your device through popular digital communication tools like email and instant messaging phishing attacks. In other cases, ransomware can spread through insecure public internet access.
At times, ransomware can also reach your device when you visit a malicious website. Known as “drive-by downloading,” this ransomware attack occurs when you unknowingly reach an infected website. Even if you only visit that website for a few seconds, ransomware can attach to your device.
Ransomware attacks don’t usually begin the moment you download malware. It works first by infecting your device, then by locking — often encrypting — your data. This usually means you can still turn your device on but cannot access information stored in documents or databases.
After an attacker uses ransomware to lock down your data, users typically receive a ransom demand. This offer can be made in several ways. You might notice that your background image has changed to the ransom demand. In other cases, hackers will replace your files with a copy of the ransom note.
Many types of ransomware also work to maximize damage after they infect a device. For example, Maze ransomware scans your files and steals valuable data even if a ransom is paid. Another ransomware variant, WannaCry, also uses your device to search for other devices it can attack and encrypt.
Whether you’re an organization or a private device user, ransomware is an intimidating form of malware. Fortunately, there are several steps you can take to protect your devices from malicious attackers. These same steps can also help you limit damage if your device is infected.
An important first step in preventing ransomware is developing an IT disaster recovery plan. This plan helps your entire organization protect against ransomware, while identifying critical first steps in the event of a ransomware attack.
The right IT disaster recovery plan helps with far more than post-attack recovery, and should also include the following elements:
Your IT disaster recovery plan can look different from another organization’s plan. It’s important to customize your plan to the size and strengths of your organization and ensure all employees are aware of the plan’s steps in the event of a ransomware infection.
Updating device systems is an even simpler approach to preventing ransomware attacks. Attackers often target users with outdated devices, or with outdated device operating systems, because their security parameters can be less protected.
After updating your device’s systems, it’s also important to update the programs you use. After a sizable operating system update, for example, your device’s programs might require an update to maintain compatibility. Hackers may find vulnerabilities to target with a ransomware attack if your updated device uses outdated programs.
Whether you store your information on a server or the cloud, it’s important to maintain backup files. Store backup files in a separate location, preferably on a different device, to keep them accessible if you ever need them.
During a ransomware attack, backup files can often save your organization thousands, if not millions, in lost payments. Without backup files, your organization may need to spend time, and money, pursuing IT strategies that help restore file access.
You must frequently update your backup files to ensure they reflect any changes. Many device users trust cloud computing to back up their files securely since cloud storage solutions are typically secure — and you can set them to automatically back up your device’s files regularly.
You can improve security on your devices in various ways. Many of these strategies are preventive:
You can also take proactive steps to improve your device’s security:
These and other measures can help keep your information safe, particularly when you use shared or public networks.
As attackers grow more advanced in their ransomware deployment methods, IT teams are developing new ways to prevent malware, including ransomware, from reaching sensitive information. One emerging cybersecurity strategy — an intrusion detection system (IDS) — consists of programs that proactively alert IT personnel to security threats.
An IDS typically relies on both signature-based and anomaly-based intrusion detection. Signature-based protection compares ransomware threats to trends in your network to identify possible threats before they affect device performance. Anomaly-based detection uses machine learning to classify all device activity as normal or risky, depending on how users on your network normally operate.
IT professionals can help you with every phase of ransomware protection, including proactive device protection, backing up your files, regularly scanning device activity and even mitigating issues after an attack.
If you yourself are considering joining the evolving world of cybersecurity, you’ll need to complete a few initial steps. Many employers prefer candidates with at least an undergraduate degree in technology. Students sometimes prefer online technology degrees, given the greater flexibility and the freedom to work while they learn.
Aspiring cybersecurity professionals may choose to pursue a bachelor’s degree in information technology, which can help prepare them to mitigate and prevent IT risks like ransomware attacks and other malware. This degree sharpens key skills in systems analysis, information systems, operations and cybersecurity.
Whether you’re seeking to gain a basic understanding of information technology or cybersecurity, or you’re a working professional looking to expand your skill set, University of Phoenix (UOPX) offers online course collections, bachelor’s degrees and master’s degrees. Learn more about undergraduate and graduate online technology degrees from UOPX and start your IT journey today!
A graduate of Johns Hopkins University and its Writing Seminars program and winner of the Stephen A. Dixon Literary Prize, Michael Feder brings an eye for detail and a passion for research to every article he writes. His academic and professional background includes experience in marketing, content development, script writing and SEO. Today, he works as a multimedia specialist at University of Phoenix where he covers a variety of topics ranging from healthcare to IT.
Currently Dean of the College of Business and Information Technology, Kathryn Uhles has served University of Phoenix in a variety of roles since 2006. Prior to joining University of Phoenix, Kathryn taught fifth grade to underprivileged youth in Phoenix.
This article has been vetted by University of Phoenix's editorial advisory committee.
Read more about our editorial process.
Read more articles like this: