All businesses handle some form of confidential information. When malicious software (‘malware’) like ransomware, steal that information, your business can suffer significant harm. In this article, we will explain the difference between malware and ransomware to help you protect your business.
What is malware?
Malware is a word used to refer to all malicious programs. These include viruses, spyware, bots, bugs, credential harvesting malware and ransomware.
How do malware scams work?
Cybercriminals or scammers send the recipient emails or social media messages with a link claiming to be something exciting or topical such as the news or events. The link will usually direct the recipient to a fake but seemingly legitimate website and ask to download a software like ‘codec’. Alternatively, pop-ups can appear while accessing websites. These pop-ups offer and request the user to download free software to gain access to games, movies, music or other content.
Once downloaded, the software will allow the cybercriminal to access your files or watch your computer activities. A typical example would be watching you input your personal information, such as credit card numbers and passwords.
What is ransomware?
According to the Australian Cyber Security Centre, ransomware is a form of malware. It is a financially-motivated crime where after opening a malicious email attachment or link, prevents a person from using and accessing anything on the computer. The cybercriminals hold a person or organisation’s information until they pay a ‘ransom’ with the promise of restoring access. Examples of common ransomware include WannaCry, Petya and NotPetya, Locky, NetWalker, Jigsaw and Bad Rabbit.
How does ransomware enter your computer?
Similar to other malware scams, ransomware enters the computer by email. The email address appears to be from a credible address and invites the recipient to click on an attachment. The ransomware is activated when the recipient opens the attachment.
Examples of ransomware and other malware attacks
1. Businesses
As businesses continue operations through remote working, COVID-19 has highlighted that business without updated, and robust security measures have been the target for malware and ransomware attacks. Up until September 2020, the cybersecurity company ‘Crowdstrike’ has detected more than 40,000 cyber-attacks this year which is 15% higher than in 2019 as a whole. While there have been large-scale and state-sponsored attacks, Crowdstrike’s investigations suggested that criminal groups are also heavily involved.
Additionally, as technology has allowed us to access the Internet from almost any device, it is becoming easier for malware to access business systems. These include printers, smartwatches, phones and tablets which are now usually connected to the Internet. Companies that have been the target for ransomware attacks this year include Lion, Quest Worldwide Consulting and Jands.
2. Legal profession
Law firms hold some of the most confidential information regarding their clients, evidence and the firm itself. An example of this occurred in 2017 when law firm DLA Piper shut down digital operations due to malware on their system. As a result, the firm set up a 24/7 Rapid Response line to maintain communications with their clients in the event of another cyber attack.
Both examples highlight that all businesses, companies and organisations should implement an IT strategy to combat potential threats. These include scanners that detect potential threats in emails and the organisation’s intranet.
What should you do when affected by malware or ransomware?
We recommend that you do not pay the scammer or cyber-criminal if affected by malware or ransomware. There is no certainty that paying will restore your device or system. The Australian Criminal Intelligence Commission insists on reporting all cybercrime activity through the ReportCyber website.
What are some strategies to mitigate malware and ransomware attacks?
We recommend a range of strategies which include:
- backing up all data, files and systems;
- using and regularly updating antivirus software;
- regularly updating security software;
- changing passwords;
- storing backup data offsite; and
- educating yourself and your employees on malware and ransomware.
Need further advice?
It is imperative to protect your business’ information. The extent of the harm depends on the effectiveness of your cybersecurity and IT mechanisms. Updating systems while restoring access, your reputation and databases after malware or ransomware attack can affect your business’ time and money. We recommend setting up these mechanisms earlier and continuously updating them regularly. To seek advice about how to protect your business, we insist on consulting with our IT Lawyers.
We also recommend you watch our webinar session titled ‘Cybersecurity and Protecting Your Business Online‘, which was held on Thursday 17th September 2020.
