Skip to main content Skip to page footer

Ransomware attacks explained simply

Almost 60% of German companies are said to have already been exposed to a ransomware attack once or several times, and the trend is rising. There is no such thing as complete protection - but there are sensible measures that have proven effective in minimising the damage.

 

Ransomware is software that encrypts the system of the attacked party and renders it unusable. The legitimate user can regain access to his or her data by paying usually significantly inflated sums, preferably in cryptocurrencies such as Bitcoin. There are also scenarios in which the blackmailers threaten to pass on the hijacked data to third parties.

Ransomware attacks are carried out in completely different ways:

  • The malware programmes hide in email attachments that a user has clicked on in a careless moment.
  • Visiting an infected and prepared website can also be sufficient, the keyword being "fake websites".
  • Or an infected data carrier is inserted into a computer.

Important for your IT security strategy: There is no complete protection against such attacks, as the competition between hackers and software manufacturers against computer malware is too fierce.

This means that measures must be taken to maintain operations as far as possible and minimise the damage:

  • A sophisticated and proven backup strategy to be able to return to the state before the attack as quickly as possible.
    Of course, only after the malware has been completely eliminated.
  • Separateyour network into individual sections so that the entire (IT) infrastructure does not become part of the attack.
  • Also consider production systems and machines. The attack vectors for ransomware attacks are increasingly extending to IoT devices and other devices.
  • Monitor your systems. You will be informed at an early stage before your IT systems are overloaded and may no longer function. You get an assessment of how the current performance is affecting your business processes - and which adjustments you can make to get even more out of it. It is best to set up customised reporting as a service from a service provider.

Practical tip:

The acquisition of SIEM systems (Security Information and Event Management) helps to save important time. This is because affected systems exhibit abnormal behaviour: Within a very short time, the stored files are encrypted, i.e. changed. Algorithms can recognise this.

More about IT security at SpaceNet

We help you to keep track of your IT security amidst the flood of providers and services.

Get in touch with us now

Webinars
& Events