Ransomware threats: what they are, how they happen, and how to protect against them
October is cybersecurity awareness month. It’s an effort by the U.S. Cybersecurity & Infrastructure Security Agency to make people think about the ways they can personally protect themselves from bad actors and phishing attempts.
As more of us have moved to working online, opportunities for these attacks have increased. Recently, ransomware attacks have threatened both our personal security and the security of our infrastructure.
"We're just opening up the doors and becoming more ripe for things like ransomware which easily finds its way into the network through email and/or particular user behavior that may not be as disciplined as we would like," says Tina Chang, CEO of SysLogic, a Brookfield-based consulting company that helps organizations with cybersecurity.
These attacks come in many forms, sometimes by emails with links that give a bad actor access to the computer's network. Other times, these attacks can be made over the phone by convincing people to download malware or give out information that will give hackers access to the computer.
Walt Schilling, a professor of electrical engineering and computer science at MSOE, says regardless of how a bad actor gets access to your computer, the result is often the same in ransomware attacks: encrypted files and a ransom demand.
"Let's say we were talking about access to your house. You have your key to your house, and you can get into your house; encryption would be the equivalent of someone coming in and changing the locks so that you no longer could get into your house, and the external person would be the only one that could actually access into your house," Schilling explains. "Ransomware then essentially is the idea that you would then potentially pay a ransom to get the locks of your house changed back to the original key."
But there's no guarantee that the hacker will return access to the files if the ransom is paid. So the best idea for people and businesses is to protect against these kinds of attacks before they can happen. Chang says that two-factor authentication — requiring both a password login and a verification through an SMS text — can go a long way in protecting against these types of attacks.
Brice Williams, SysLogic's cybersecurity practice lead, says it can also be helpful to verify the identity of anyone asking for information that could lead to your network being compromised.
"You want to validate someone who's calling [or emailing] you, just to ensure that they are who they say they are... [One example is] calling back their organization via their published phone number, just so that you can reach that same individual," says Williams.