Ransomware: How it impacts your business

Ransomware is malware that can lock a device or encrypt its contents in order to extort money from the owner. In return, operators of the malicious code promise – of course, without any guarantees – to restore access to the affected machine or data.

Reading time icon

3 min read

Reading time icon

3 min read

What is ransomware?

The term ransomware refers to a specific type of malicious software used for extortion. During a ransomware attack, the malware accesses and encrypts data stored on the disk, rendering it inaccessible, and often locks the screen as well. The victim then receives a demand for money in return for access.


Ransomware is usually distributed via email attachments, links in social media messages or downloads from compromised websites. It’s become increasingly common: According to the CyberRisk Alliance, a business falls victim to a ransomware attack every 40 seconds, adding up to a projected $11.5B in damages as of 2019. And ransomware cases continue to increase— the insurance firm Beazley reported a 25% uptick in Q1 2020 alone. 

Read more

Types of ransomware

  • Diskcoder ransomware encrypts the whole disk and prevents the user from accessing the operating system.
  • Screen locker blocks the access to the device’s screen.
  • Crypto-ransomware encrypts data stored on victim’s disk.
  • PIN locker targets Android devices and change their access codes to lock out their users.
All the above-mentioned kinds of ransomware demand payment, generally to be paid with bitcoins or other hard-to-trace cryptocurrency. In return, its operators promise to decrypt the data or restore access to the affected device. However, there’s no guarantee that cybercriminals will deliver on their side of the bargain. Security experts recommend that you don’t pay up, as it simply encourages more attacks. You should also reach out to your IT security provider tech support team to see what possibilities exist for decryption.
Ransomware image
Spread the word and share online

Examples of ransomware

In May 2017, a notorious ransomware attack known as WannaCry spread rapidly across the globe. Targeting computers running Windows OS, WannaCry encrypted files to make them impossible to access—then demanded a ransom in bitcoins in order to decrypt them. Hundreds of thousands of computers were affected, impacting government offices, railway networks and businesses worldwide. In the UK, hospitals were knocked offline and the National Health Service had to turn away non-critical emergency patients. Another example is 2013’s CryptoLocker, which infected more than 250,000 systems and was believed to have earned more than $3 million for its inventors.

Why do you need protection from ransomware?

Obviously, losing access to all your data will have wide-ranging consequences. Businesses like hospitals—where being unable to access vital information can be life-threatening—and financial institutions that depend on instant access to records and funds are especially vulnerable to harm. But even small businesses are popular targets, as they may lack the security or training to prevent attacks and are seen as easy marks by criminals. Protection and prevention are key, because even if you pay a ransom, there’s no guarantee that your data will ever be restored to you. 
Ransomware image

How to protect against ransomware?

  • Use a reliable, multilayered security solution
  • Use a Virtual Private Network (VPN)
  • Regularly train your staff to recognize and deal with phishing attacks
  • Back up your data on a regular basis—and keep at least one full backup off-line, in case you do fall victim to ransomware
  • Keep all your software, including operating system, patched and up to date
Because ransomware is often distributed via innocent looking email attachments or web links, it’s extremely difficult to detect. Your best defense is advanced detection and analysis via cloud-based sandboxing.  

ESET LiveGuard Advanced (ELGA)

ESET Dynamic Threat Defense - screenshot
ELGA detects and blocks threats, including ransomware, by analyzing new files in a cloud sandbox to fully understand their behaviors. When a suspicious email or file that may be carrying ransomware is received, ELGA isolates it immediately. Your entire organization is protected as soon as the file is submitted, so malware never reaches your users, network and endpoints. Via machine learning and behavioral analysis, ELGA will identify the file's true purpose while keeping it quarantined. Based on its behavior, the file will either be released or deleted—all within minutes of the initial detection.
MENUCLOSE
ESET Smart Security Premium box

Ultimate
protection

ESET Smart Security Premium

Advanced
protection

ESET Internet Security

Essential
protection

ESET NOD32 Antivirus

Small and Home  office protection

Easy-to-use device security with advanced privacy features

ESET Mobile Security for Android

Keep your Android device safe. Wherever you go

ESET Parental Control for Android

Protect your children online with confidence

ESET Smart TV Security box

ESET Smart TV Security

Internet of Things security starts with your TV

Renew my license

Renew, upgrade or add devices to your license

Existing
 customer?

Manage your license, update date and more

Download

Install your protection or try ESET free for 30 days

Download

Install your business protection or request a free trail

Why ESET?

Superior technology

Learn more about our unified cybersecurity platform

Industry recognition

ESET cybersecurity solutions are recognized and industry-wide.

Corporate blog

Cybersecurity news from ESET's award-winning researches.

Customer zone

Existing
customer?

Manage your license, update billing information and more

Live chat

Need help purchasing, renewing a license or have product questions?

Business sales

for business customers

For business sales call:

1-844-824-3738

MONDAY - FRIDAY, 6AM - 5PM PT