15 January 2021
Initially a problem affecting only large organizations and governments, ransomware is now a scourge impacting SMEs. Indeed, their cybersecurity budgets are generally smaller than large companies, SMEs are easy prey for malicious people. But what is ransomware, also known as Ransomware in English? Ransomware is malicious programs that encrypt your data to make it inaccessible without the attacker’s key. To get the key, and therefore your data, you have to pay a ransom. A new trend is in addition to encrypting your data, attackers exfiltrate it to sell it on the black market; giving them a second source of income.
How is the attack going?
An employee receives a malicious email inviting him to click on a link or visits a hacked site that contains malware. The employee runs the software and the software scans local files and files on the network and encrypts anything of value (word, pdf, excel, cad, etc.). When the job is completed, a message appears on the user’s screen telling them how to pay the ransom.
How can I protect myself from it?
Having local backups is not enough to protect you from this attack as your backups could also end up being encrypted by ransomware, thus trapping you. Your backups must therefore be hosted externally, on a disconnected hard drive or at a cloud provider, for example.
Some antiviruses also offer ransomware detection which can effectively block malware.
Finally, reducing access to files to employees who really need them can greatly limit the damage in the event of an attack. If employees only need to read purchase orders, giving them write permissions puts your business at risk.
Our team of professionals is at your disposal to guide you in making decisions related to information technology. Contact us for more information!