Ransomware
Ransomware is a type of malware that infects and locks up a computer system by encrypting selected files, extorting a ransom from the victim for decryption or not disclosing the data.
There are various methods for infecting devices with ransomware. One of the most popular is sending an email containing a link to a specially crafted website or an attachment containing malware. Clicking the link or opening the attachment triggers the malware download, which attacks the local device and then scans the network for desired files, usually critical ones.
Any internet user could be the target of this attack. It’s important to note that private and public entities operating in the healthcare sector are increasingly becoming targets of cybercriminals, due to the medical data they process. Polish law, under pain of severe administrative penalties, mandates special protection of individuals’ privacy, especially regarding sensitive health data. It’s impossible to ignore the fact that the higher the penalties imposed on administrators for leaking this type of data, the more valuable it becomes to attackers.
Effective protection of information resources against ransomware attacks depends largely on users’ awareness of these threats and their ability to identify them.
Infecting our devices can have very serious consequences, so it’s worth remembering a few rules and tips that will allow us to effectively minimize the risk.
How to protect yourself from an attack?
- Follow the security policies adopted within your organization (procedures, instructions, regulations).
- Periodically back up important data and test its recoverability.
- Install appropriate antivirus software to minimize potential threats.
- Make sure you’re using the latest software versions, especially those critical to security.
- Do not use company equipment for personal use.
- Use network security measures such as VPNs or firewalls.
- Use secure, strong, and unique passwords.
- Do not open files of unknown origin, and if you have any doubts about the sender or content of an email, contact your IT department.
How do I know if I have ransomware?
Files won’t open (Can’t open the file, errors saying “file is corrupted” or has an “incorrect format”).
Spontaneous creation of new files (Files with unusual names and extensions appear on the computer).
Computer performance issues (Noticeable slowdown of the computer, often associated with shorter battery life and increased noise).
Ransom payment instructions (Messages appear in directories and on the desktop with instructions on how to pay to unlock your files).
What to do if you are attacked by ransomware?
Immediately isolate the infected device. Unplug every Ethernet cable, disable all wireless functions such as Wi-Fi or Bluetooth, and disconnect any storage devices.
Put your computer to sleep or shut down.
Report the incident to your IT department.
