Due in large part to COVID-19 and the increased prevalence of remote work, ransomware attacks dominated 2020, and experts predict there will be at least twice as many cases of data theft in the new year.

The U.S. Cybersecurity & Infrastructure Security Agency defines ransomware as “a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid.” It often spreads through phishing emails or when a person inadvertently visits a compromised website. 

Ransomware attacks, however, aren’t new; the first one dates back to 1989, and over the years, the attacks have become more sophisticated and advanced as equipment and technological capabilities have changed.

This rise in cybercrime is why there’s a growing need for cybersecurity professionals to work against these threats. That includes people called penetration testers (also known as ethical hackers). Their job is to infiltrate computer systems on purpose in order to detect and address vulnerabilities that non-ethical hackers could exploit to cause havoc.

Now let’s explore the details of a ransomware attack, the most common types of attacks and how you can protect your company against this potentially crippling catastrophe. 

How Does a Ransomware Attack Work?

To fall victim to a cyber-attack, you must first allow criminals access to your computer system or network. Of course, you don’t “allow” access on purpose, but have you ever received a suspicious-looking email or pop-up advertisement? Criminals access your system through a “vector.” Some common vectors include:

  • Email attachments
  • Social media messages (example: Facebook friend requests)
  • Pop-ups

These attachments and messages are designed to look real, of course, so that you’ll click on them, which allows criminals access to your files and information. Once you