Cybersecurity Awareness Month: What is Ransomware?
FBI Portland Special Agent Gabriel Gunderson answers questions about ransomware during Cybersecurity Month.
Video Transcript
What is ransomware?
Ransomware is a form of malicious software that targets your data. If ransomware infects your device or network, the ransomware actors behind that attack have the ability to lock you out of the data stored on your devices or network. They will demand you pay a ransom – usually by cryptocurrency. They claim they will give you the “key” to recover your data if you pay, but there are no guarantees.
Who is most at risk for ransomware attacks?
There are three basic groups who can suffer ransomware attacks:
- Businesses – both large and small
- Individuals; and
- ·Public agencies and public service providers
What’s the risk to individuals?
When these kinds of attacks first started, ransomware actors often targeted regular people at home. The majority of attacks now go after larger targets, but individuals still need to take precautions. The loss of wedding photos or videos of your newborn are irreplaceable.
What’s the risk to businesses?
Any business can be vulnerable, but we are particularly concerned about small and medium-sized companies. They often don’t have the expertise or, they think, the funds to invest in the robust security they need. If you are a business owner, please take the time to learn about some simple steps you can take to protect your business. Otherwise, one bad ransomware attack can cause you to shut your doors for good.
What’s the risk to public agencies and service providers?
We are seeing attack after attack targeting hospitals, health care providers, government agencies, and schools. Not only do these organizations risk a loss of money, they also hold sensitive information that the attackers can pull out and re-sell on the dark web. Beyond that, there are real world consequences of a hospital that is unable to care for patients.
How do ransomware attacks usually start?
Ransomware actors will often send ransomware through email phishing campaigns. Once anyone on your network clicks on an infected file or link, the fraudsters can have access to all of your devices and data. They encrypt the system, effectively locking you out.
How much can a ransomware attack cost?
The ransom demands may range from a few hundred dollars for an individual to millions of dollars for a big company, hospital, or utility. But the ransom is only the start. Organizations risk loss of productivity, legal fees, and the need to purchase credit-monitoring services for employees and customers.
What are some basic steps to take to avoid a ransomware attack?
To avoid a ransomware attack, you should:
Educate yourself and your employees as to how to identify and manage phishing lures.
Back up your data often and keep back-ups segregated and offline from normal operations.
Make sure that all devices on your network are using the most current versions of operating systems and applications; and
Keep your anti-malware software up-to-date.
Should I pay to unlock my system?
The FBI recommends that victims do NOT pay a hacker’s ransom demand. The payment only encourages more criminal activity, and, even if you do pay, there is no guarantee that the hacker will unlock your data, hasn’t already downloaded your data for re-sale, or won’t return for another round of ransom.
Video Download
Video Source
Recent Video
- 09.12.2024 — Prevent Mass Violence Campaign PSA 1:1
- 09.12.2024 — Prevent Mass Violence Campaign PSA
- 09.10.2024 — Inside the FBI Podcast: Safe Online Surfing Program Returns for 2024
- 09.09.2024 — Fighting Fraud
- 08.22.2024 — FBI New Haven Issues Warning About Financial Sextortion
- 08.19.2024 — Frauds and Scams PSA (1:1)
- 08.19.2024 — The FBI Warns of Frauds and Scams
- 08.16.2024 — FBI and Connecticut Attorney General Warn of Scams
- 08.14.2024 — FBI New Orleans Op Clean House
- 08.14.2024 — Director Wray Public Service Announcement on Frauds and Scams
- 08.07.2024 — FBI Charlotte Teen Academy 2024
- 08.05.2024 — Ask an ASAC: Violent Crime
- 08.05.2024 — FBI Richmond Seeking Diverse Special Agent Applicants
- 08.02.2024 — Inside the FBI: Investigating Assassination Attempts
- 08.01.2024 — Ask an ASAC: Cyber
- 07.31.2024 — Students Get Inside Look at Life as an FBI Agent
- 07.31.2024 — FBI Cleveland FAIT Students Dust for Fingerprints
- 07.31.2024 — FBI Cleveland FAIT Students Learn From Bomb Tech
- 07.31.2024 — FBI Cleveland FAIT Students Do Fitness Test
- 07.25.2024 — Upcoming FBI Los Angeles Diversity Agent Recruitment (DAR) Event
FBI Weekly Newsletter
Subscribe to our email newsletter for news on the FBI, sent out every week.