Infamous groups like Maze, REvil and DarkSide have made “ransomware” a household word. No company is too small or too large to be selected as a victim for these insidious attacks that can have catastrophic consequences. From disrupted services and expensive recovery, to fines from regulators and loss of reputation, ransomware attacks are a serious issue.

In the next sections, we’ll take a closer look at ransomware and how attackers use it to profit at the great expense of their targets.

What is ransomware?

A type of malicious software and often described as crypto-malware, ransomware is designed to encrypt a victim’s key systems and data files, effectively locking them out.

How is ransomware deployed?

Ransomware attacks use a variety of different vectors to hit companies. Among the most common ways to deploy this malicious software is via phishing messages. An unsuspecting employee clicking on either a link embedded in a phishing email or downloading its attachment will activate the ransomware payload. Alternatively, the employee may be led to a phishing site via a fake link, where their company credentials are stolen. The ransomware operators can then access the enterprise’s system and infect it with ransomware.

How does a ransomware attack work?

The ransomware encrypts the victim’s systems, servers, and data files. This means the target cannot access the data it needs in order to operate as a business or, if in the case of a local authority, to provide services to the local community. Those behind the attack leave a digital ransom note requesting a payment in exchange for the safe return of access. The payment is typically asked to be made in cryptocurrency, like Monero or Bitcoin, as it is difficult to trace or reclaim.

What is double extortion?

To increase their chances of success, most ransomware gangs now use double extortion tactics. While locking victims out of data records, they simultaneously steal copies of the files. If the victim refuses to pay, the ransomware gang threaten to disclose the private data online. This typically happens on dedicated leak sites located on the dark web.

It’s worth noting that even if a company pays a ransom and their files are decrypted, the attack still constitutes a data breach, as private information was exposed. Additionally, there is no way to guarantee that any data stolen by ransomware gangs has definitely been destroyed.

Experts in data security solutions

Our secure platform at Galaxkey was designed to provide local councils, educational institutions, and enterprises of all sizes, with a safe workspace free from cyber threats. It has no back doors that ransomware attackers can exploit, and no passwords are stored where they can be stolen.

Our powerful three-layer encryption locks all but authorised personnel out of data. Whether you are sharing files with fellow collaborators or storing records on staff and suppliers on your server or the cloud, our encryption will ensure information remains out of reach of ransomware operators.

Get in touch with our technical team today to experience a trial of our system for 14 days, free of charge, and keep compliant with your data secure.