Cyber CitadelCyber Citadel
Resources

Your Money or Your Data: The Issue of Ransomware

A white paper examining the growing ransomware threat, the different types of ransomware, and how organisations should prepare for and respond to an attack.

Back to Resources

Watch: Your Money or Your Data

Ransomware has become the modus operandi of cybercriminals in the last five years. Names like CryptoLocker, WannaCry and Petya have become synonymous with cyberattacks, being at the heart of the most devastating and high-profile recent cases of cybercrime.

Put simply, ransomware (or ransom malware) is a type of malware that blocks you from operating your system, accessing your files, or reading them until you pay a fee. Mostly, it doesn't involve any actual theft of data, but rather just holding that data "functionally" to ransom.

What's in This Ransomware White Paper?

Types of Ransomware

There are three main types of ransomware that organisations need to be aware of: Fake, Screen-locking and Encryption. Fake ransomware attempts to frighten victims into paying by displaying alarming messages, but does not actually lock files or systems. Screen-locking ransomware prevents access to the device by displaying a full-screen message that cannot be dismissed. Encryption ransomware is the most dangerous variant, using strong encryption algorithms to render files completely inaccessible without the decryption key held by the attacker.

How to Deal with Ransomware

Our white paper covers what organisations should do in the event of a ransomware attack, from the initial response through to the difficult question of whether to negotiate with the attackers. The immediate priority must be containment — isolating affected systems to prevent the malware from spreading further across the network. From there, organisations need a clear decision-making framework for evaluating their options, including the viability of restoring from backups and the risks associated with engaging with the attackers.

Preparing for an Attack

The most important message of this white paper is to be prepared. Ransomware attacks are increasing in both frequency and sophistication, and no organisation is immune. Preparation means maintaining regular, tested backups; keeping systems patched and up to date; training staff to recognise phishing attempts; and having a well-rehearsed incident response plan that can be activated immediately when an attack is detected.

Ransomware attacks are increasing in both frequency and sophistication. Preparation is the single most effective defence an organisation can invest in.

Ready to protect your company and launch your SOC-as-a-Service?

Get StartedUnsure? Talk to a cyber security expert