Going to Microsoft Ignite? Stop by booth #1504 to meet the Netwrix team! Learn More

7 Ransomware Myths Busted

Of today’s cyber security threats, ransomware is a modern scourge. Even though it has made a number of headlines in the past couple of years, ransomware is still surrounded by myths. Dispelling those myths is one of the key factors of developing an effective information security strategy.

Here are the top seven ransomware myths, busted:

Myth #1: Ransomware targets big companies.  Small or medium businesses are not going to be attacked

Truth: Hackers see small businesses as an easy target. Attackers believe that small organizations do less to protect themselves while big companies spend huge budgets for various cyber security systems. Therefore, it’s easier to invade a small’s company system than mess with a giant. The attackers are clever. They do not ask for millions. To unencrypt the files, they ask for an amount of money that is significant but “acceptable” to the victim. In the case of a small organization, the ransom is around $300 – enough to make a good amount of money for the attackers and small enough that the victims are likely to pay.

Myth #2: There are enough tools to affordably decrypt my files in case of a ransomware attack

Truth: Only a small number of ransomware viruses has been effectively removed, and most of these are already out-of-date. The reason is that ransomware threats are very hard to reverse engineer in order to obtain the algorithm used to generate the encryption key. Therefore, if you consider paying for ransomware decrypting software, you risk being fooled. Remember that in some cases, people have paid more money for fake ransomware decrypting solution than they would have paid for the ransom itself!

Myth #3: I’ll be able to recover any data attackers encrypted from a backup without paying the ransom

Truth: More than half of ransomware victims fail to recover their data from backup. The foremost reasons for incomplete backup recovery are unmonitored backups, loss of accessible backup drives that were also encrypted, and loss of between 1-24 hours of data from the last incremental backup snapshot.

Banner_Ransomware_3

Myth #4: Ransomware mainly comes from dodgy websites, and all I need to do is stay away from them

Truth: Infected emails containing malicious links or attachments are the main sources of ransomware contaminations. According to the Osterman Research Survey, users are more than twice as likely to be infected by clicking on something in an email than by visiting an infected website.

Myth #5: If I receive an infected email one day, it’ll be easy to detect since they’re all about sexual services, lotteries and weird products

Truth: Ransomware designers have become very sophisticated in creating infected emails. They now customize email content using local companies’ names and brands. Infected emails can look completely ordinary at first glance by using the name and logo of, for instance, a local delivery company or government agency.

Myth #6: A lot of ransomware attacks are actually fake. I’ll be able to get my data back pretty easily

Truth: Fake ransomware attacks are relatively rare. Even though there is always a slight possibility the hackers may be trying to fake you out, the ransom demand is usually legitimate and your files have likely been really encrypted. You can make sure it’s not a scam by checking basic attributes such as whether the ransom has a name or a support email address (real ransomware usually does).

Myth #7: Ransomware problems are quite rare since only big hacker groups are able to design them

Truth: The barrier to entry in the ransomware market is decreasing due to multiple Ransomware-as-a-Service programs from the Dark Web. Nowadays, even criminals who aren’t technically inclined can carry out ransomware attacks that use complex encryption. All they need to do is to buy a ransomware subscription from a hacker gang for a few hundred dollars to start deploying it in the wild.

You may be interested in: