Ransomware. You’ve likely seen the word get tossed around in the cybersecurity landscape. But what is ransomware, really—and more importantly, what does ransomware do?

What is a ransomware attack?

Let’s start by tackling the big question: What is ransomware?

According to the FBI, “Ransomware is a type of malicious software cyber actors use to deny access to systems or data. The malicious cyber actor holds systems or data hostage until the ransom is paid.”

This may sound like the plot of a Hollywood thriller—but unfortunately, it’s far from fiction. In 2017, the most destructive ransomware attack to date infected over 200,000 computers in 150 countries, causing billions of dollars in damage in only hours.

The FBI estimates that 4,000 ransomware attacks occur daily. As a site owner, you don’t want to fall victim.

What does ransomware do?

Now that we’ve answered the question “What is ransomware,” you’re probably wondering: What does ransomware do to infected computers?

The short answer is: a lot. For businesses, ransomware attacks can cause data breaches, financial loss, exposure of sensitive information, and even lasting reputational damage. For individual site owners, the potential effects are equally devastating: permanent file corruption and the complete loss of digital property.

Fortunately, it’s possible to prevent—and even recover from—ransomware attacks. Here are four critical measures to keep in mind:

  1. Don’t give in to demands. Malicious cyber actors may request an exorbitant amount of money, threatening to hold your website hostage or worse. Don’t give in—simply updating your password can eliminate their threats.
  2. Stay up to date. Ransomware often exploits vulnerabilities in outdated operating systems. Make sure you’re using modern security measures— malware scanners, antivirus software, and web application firewalls—to lower the likelihood of attack.
  3. Run regular backups. Running regular site backups can help you recover files after a ransomware attack—this way, precious data is not permanently deleted.
  4. Promote smart cybersecurity practices. Negligence is the number one cause of data breaches. Remember: It only takes one click on a suspicious link to become a prime candidate for a ransomware attack. Maintain best cybersecurity practices, this way you won’t need to ask: What is a ransomware attack doing to my computer?

Beware of fake ransomware attacks

Finally, you’ll want to know the difference between real and fake ransomware attacks.

  • During a real ransomware attack, the attacker is already in your system. They typically encrypt all your files, then send the website admin a ransom request to pay for the encryption key. Without a backup, the encryption key is the only way to regain access to your files—which is why ransomware attacks are so effective, to begin with.
  • During a fake ransomware attack, the attacker gets someone’s email and password from a dark web data dump. Then, they send an email saying, “Pay us [X amount] or we’ll delete everything. We have all your information. As proof, do you recognize this password?” This attacker doesn’t actually have leverage against the victim—but sharing a current or previous password can be enough to scare people into action.

If you fall victim to a fake ransomware attack, simply update your password, confirm you have backups running, and refresh yourself on best cybersecurity practices.

This website is a great way to check whether your email has been compromised. If it’s been involved in any data breaches, update your password everywhere it’s used. Even if “Website X” is all that was hacked, you can’t stop at updating the password there since the credentials will often be tested in other login locations—from social media to banking.

Stay protected with SiteLock

As a global leader in website security, SiteLock offers a host of tools to defend against ransomware attacks. Still wondering: What is ransomware—or worse, what is a ransomware attack doing to my site? Contact our team today!