Ransomware Exposed: What it is and How it Works

What is Ransomware? How does it work?


Ransomware has become an undeniable threat to business growth, profitability, and security. It’s a ruthless type of malware that prevents you from accessing your data until you pay a ransom, which is usually demanded in untraceable Bitcoin. Cyber criminals are turning this type of attack into big business. They rake in billions each year as many businesses have no choice but to pay up.

In order to avoid a ransomware attack, you need to know what you’re dealing with. 

How does ransomware get into the network?

Ransomware attacks used to spread through USB drives that would float around from unknown sources. Nowadays, cyber criminals operate much more effectively. Ransomware attacks are most commonly spread through phishing emails and compromised websites.

All it takes is one email.

These days, most business communications are through email. So naturally, cyber criminals are utilizing email to spread their attacks.

When going through your emails, you have to be extremely careful before clicking a link or opening an attachment. Ransomware attacks come disguised as legitimate emails that can trick your employees into clicking to an infected website or opening an infected attachment.

Unfortunately, cyber criminals have gotten really, REALLY good at faking emails. That’s why they’re called phishing emails; the cyber criminals are doing everything they can to bait you into opening their ransomware. You may receive an email that appears to be coming from someone in your internal network, or a seemingly genuine inquire from a customer. But if you look carefully, you’ll notice something is off. We recommend checking out this article to learn how to quickly spot the red flags and send those phishing emails straight to spam.

Infected websites aren’t always obvious.

Let’s face it, cyber criminals will infect any web page they can get their hands on, which is why less reputable sites should be avoided. But it’s not just about making sure you and your employees stick to suitable sites. Mainstream websites can also carry ransomware infections that are ready to spread to all visitors. It’s happened before – in 2016 the New York Times, BBC & MSN homepages accidentally exposed thousands of web visitors when their infected site showed malicious ads.

As a general rule of thumb, don’t click on any ads that look suspicious. Additionally, if a webpage has a bunch of pop up ads, don’t click on any – and exit out fast!

What happens during a ransomware attack?

As soon as ransomware is in the door, it immediately scans local and connected drives (including connected backups) and encrypts thousands of files. Within minutes, everything from Office files to multimedia is locked up tight, inaccessible to all users – even admin. A notification will appear demanding a ransom to unlock the files, along with instructions on how to pay it.

At this point, many businesses are on hold until the situation is resolved. Typical options include: restoring from safe, external backups; wiping the entire system and starting again; or paying the ransom and learning a hard lesson in data security.

STG IT Consulting Group can protect your business from ransomware attacks. We can help you with a complete data security plan, including safe backups.

We’d love to meet with you and assess your current cybersecurity systems. 
Click here to schedule a free 15-minute meeting with Stan Kats, Client Engagement Specialist and Senior Technologist.

STG IT Consulting Group proudly serves the Los Angeles and West Hollywood area for all of your IT needs. We look forward to meeting with you!

STG IT Consulting Group's Logo