What is Ransomware?
Ransomware attacks against healthcare organisations are becoming increasingly common. However, many individuals are still uncertain as to what constitutes a ransomware attack, and the potential consequences it has on an organisation. This article provides some background on ransomware attacks, outline how these attacks occur, and offer some guidance on how employees can mitigate the risk of such an attack befalling their organisation.
Ransomware is a variant of malicious software (malware) that prevents the victim from accessing their computer, or files on their computer until the victim pays a ransom to the threat actor. Hackers often use phishing attacks to deliver malware to the victim’s device. The hacker sends an email that appears to be from a trusted contact or organisation to the victim. The phisher includes an attachment in the email, which harbours the ransomware. When the victim opens the attachment, the computer becomes infected, and the victim is locked out of their files or device.
Ransomware has become a bigger and bigger threat in recent years. According to Verizon, the communications company, it was the most-used type of malicious software in 2018, accounting for 39% of malware phishing attacks. This figure is double the proportion of ransomware attacks in 2017.
Ransomware attacks may be on the rise because of the availability of the software online. The software needed to perform these attacks is readily available on the dark web. Hackers don’t need any programming skills to execute these attacks. Because the outcome of these attacks can be so lucrative for such little effort, ransomware campaigns have become the attack of choice of many cyber criminals. The victims are left little choice but to pay the ransom to the attacker.
It is not just individuals who are at risk of ransomware attacks. Large organisations, with larger wallets, are witnessing a more significant number of attacks on their systems. The attacker sometimes closes down access to their systems in demand for the ransom. Other attackers hold certain information ransom, such as the private medical information of patients if they attack a healthcare provider. As the organisation could face substantial legal issues if their patient’s data is released, they are forced to pay the fines.
Due to the relative ease at which these attacks occur, it is likely that they will become more common in years to come.
Protecting Against Ransomware Attacks
Implementing strategies to protect against ransomware becomes more difficult as hackers develop increasingly sophisticated attacks. The most straightforward way is to teach employees about the dangers of phishing. If the employees know how to spot suspicious emails, they won’t be inclined to open the attachments and then inadvertently introduce the malware into the system. Preventing the system from being compromised, instead of dealing with the after-effects of the attack, is the easiest way to ensure a company’s security.
Employees should be taught to never open emails from unfamiliar senders. Alternatively, if they do open emails, never follow links embedded in the email or open attached PDF files or images. If they do accidentally click a link in an email or open an attachment, they should be encouraged to contact the IT department as quickly as possible and disconnect their device from the network to try to mitigate the damage. The IT department can assess if the hacker has acquired unauthorised access to the system. They can also tell the rest of the organisation of the potential breach so that others can be vigilant for similar scams.
Experts recommend that an organisation holds regular phishing training workshops, in addition to regular emails informing employees about the latest scams that are circulating the internet.