July 28, 2021

What is Ransomware & How Does it Work?

Earlier this year, Nine Entertainment was targeted by a cyber attack. So, while thousands of Australians tuned into Nine News (or Married at First Sight), the IT teams at the broadcaster were working around the clock to restore the systems, which affected both their broadcast and corporate business units.

But what went wrong? It seems that the cyber attack had all the qualities of ransomware, even though Nine Entertainment did not receive a ransom payment demand. 

Luckily, Nine Entertainment had the IT infrastructure in place to recover from such an attack. “For many smaller organisations,” said Paul Haskell-Dowland of Edith Cowan University, “this kind of attack is fatal.”

Defending against issues like ransomware starts with understanding the threats out there. Let’s dig into what ransomware is, how it works, and how to safeguard your organisation.

What is ransomware?

Ransomware is a type of malware (malicious software) that uses encryption to hold a victim’s information at ransom. In other words, the attacker converts the victim’s information or data into an unreadable code, and demands a payment to restore access to the data.

Ransomware often targets the database and file servers of businesses and governmental organisations, and can quickly put a stop to day-to-day operations.

Although there’s been a recent decline in attacks, it’s still a pretty lucrative business for cyber criminals, who have generated billions of dollars in ransom payments.

How does ransomware work?

Ransomware works by using something called “asymmetric encryption”. This form of cryptography manipulates data in a file by using a pair of public-private keys, where the victim requires access to the private key if they want to decrypt (read) their own files.

There are a few ways cybercriminals might approach a ransomware attack. Often, they use email spam campaigns, complete with dodgy attachments that appear trustworthy. Once downloaded, these attachments take over the victim’s computer and gain administrative access. 

Some other forms of ransomware, such as NotPetya, don’t require email attachment downloads. They exploit security holes, meaning they can access computers without having to trick anyone. NotPetya can spread on its own and therefore can be much more dangerous.

How to protect against ransomware

It’s not all doom and gloom in the world of IT! Organisations can take a best practice approach to protect against ransomware and other types of malware. By reading this guide, you’re already on the right track.

Best practices against ransomware attacks include:

  • Provide training to all staff on ways to prevent or mitigate cyber attacks; make sure they know the signs to look out for
  • Restrict users’ permission to install software applications, as this may limit the spread of malware through a system
  • Only allow approved programs to run on a network
  • Establish strong spam filters for your email system
  • Never click on links or attachments in emails from an unknown sender
  • Scan all incoming emails for threats
  • Ensure firewalls are in place to block access to malicious IP addresses
  • Regularly back up data & store data offline

IT security is a big talking point across Australia’s industries at the moment, but the good news is, most attacks can be avoided with a few simple measures.

The IT Department provides IT consultancy to make sure you have the most powerful infrastructure and security measures in place. 

We can also deliver training for you and your team, to keep you informed with the latest and greatest ways to safeguard against malware. Get in touch on 1300 10 10 40 to find out more.

Contact us

Let's talk
Learn more about

Learn more

Keep reading

What is VoIP?

Business Continuity Planning

Need help with your IT services?

See all Services
Subscribe to our newsletter for great monthly business resources.
Join Us!