What is Ransomware?

Ransomware, as its name suggest, is a virus type that literally holds your data hostage until a sum of money is paid. This Malware type will encrypt data on an individual’s PC and for more advanced malware, crawl network shares and resources and encrypt those share resources. This malware type made headlines in February 2016 with the takeover of a major hospital. Hollywood Presbyterian Medical Center, was the victim of the ransomware Locky, which resulted in the inability of Doctors to access patient information and provide lifesaving service for 10 days. In March of 2016, it is reported that 56,000 institutions in the US were affected by this malware type alone. 

  • Vectors:
    In the case of Hollywood Presbyterian Medical Center, it is assumed that the vector of infection was via a Microsoft Word document, received in an email and inadvertently opened by an employee. While email is a common vector, other vectors may include infected websites or USB drives that are plugged into PCs.
  • Prevention:
    While technology is the first line of defense in any enterprise, large or small, it cannot be stressed enough that employee education is certainly the last line of defense in preventing malware proliferation. User education is effective in preventing infections where technology fails. Developing a comprehensive security education program is key for businesses of all sizes.