2016 is shaping up to be a big year for organised e-crime. Last year we saw a steady increase in the number of Ransomware attacks and there is no sign of them slowing down.
Most of the attacks we have seen have been based on Cryptolocker or some variant of it. Cryptolocker is a program that once executed on your computer systematically encrypts your files and very matter-of-factly tells you that the only way to get your data back is to pay the ransom within a couple of days, usually via bitcoin or some other e-currency.
Unless you're Mel Gibson or Liam Neeson you're probably not going to and find the bad guys and beat them in to submission so what are you going to do? One of the warnings that Ransomware often gives its victims is that the encryption used is not reversible, I'd love to be able to say that's just a load of rubbish but sadly not, this means that there is simply no way to decrypt your data without knowing the encryption key. That only leaves you with two options, either pay the ransom or restore your data from backup (assuming you have one).
We have never had a customer decide to pay the ransom (mostly because our customers generally run good and reliable backup systems) and reading though the countless blog posts on the subject suggests that if you do end up paying the ransom you ***might*** get your data back, but probably not.
The world's various security companies are frantically rolling out new protection suites that claim to protect against these threats but the reality is they will always be one step behind. The best and first line of defense against these threats is the computer user, you are your staff need to become more savvy and learn how to recognise the threats in order to avoid them.
And it should go without saying, make sure you have a reliable backup system.
Remember, no one cares as much about your data as you do, so what are you going to do to protect it?