Ransomware attacks are an increasingly popular style of cyber attack.

Ransomware is a type of malicious software, also known as malware.

Most commonly, a ransomware attack will deny a user access to a system or data until a sum of money is paid.

While it may appear to affect only one device, it is more likely to impact an entire network.

Following the attack, you and your organization will receive a ransom message from the threat actor.

Threat actors will claim to return access to your files and systems in exchange for a certain amount of money.

Typically, the threat actor will ask for a payment to be made in cryptocurrency because it is much harder to trace.

Ransomware attacks can be extremely damaging for many reasons:

• Financial damage. Ransom demands can be very high and there's no guarantee that you will regain access to your files even if you pay.
• Operational damage. The lack of access to files and systems can completely disrupt day-to-day functions and may hurt the organization’s reputation if a service is disrupted
• Personal damage. Threat actors may exfiltrate an organizational and client data and leak it, even if the victim pays the ransom.

In extreme cases, such as a hospital losing access to its systems, ransomware attacks can even lead to a loss of life.

The best protection from ransomware is to prevent it from happening in the first place.

It is vital to have strong cyber hygiene practices and to stay vigilant against other types of cyber attacks, such as phishing, which can be the initial source of the malware.

It is also important to regularly backup your files to prevent data loss and encrypt files that contain sensitive information to prevent data leakage.

Thank you for watching.

For more information on social engineering and how to stay cyber safe, visit cybersecurityontario.ca.