Ransomware is a type of malware that prevents or limits users from accessing their system. This type of malware forces its victims to pay a ransom through certain online payment methods in order to regain access to their systems or to get their data back. Some ransomware encrypts files (called Cryptolocker).

The news has been filled this year with reports of ransomware attacks against companies and government agencies, including even law enforcement. Ransomware refers to a type of malware that encrypts or otherwise restricts access to a machine or device. As part of the attack, the attacker will demand that the victim pay a ransom in order to receive the encryption key or otherwise recover access to the compromised machine.

The reality is that ransomware attacks have been proliferating against all types of companies and organizations. Ransomware is a profitable business for underground circles, and we expect to see continued targeting. Because these attacks may be isolated to a single machine, they frequently do not impact a company’s business continuity or result in a noticeable service disruption. In response to an infection, companies may be able to obtain the technical assistance needed to defeat the attack. Free online resources exist that will identify which ransomware infected your system and provide victims with known decryption keys. In other cases, companies may determine that the data loss is not significant and/or that backups exist, allowing them to rebuild the computer by reformatting the hard drive and reinstalling a clean operating system, applications and data. In other cases though, companies pay the ransom.

Ransomware attackers frequently use many of the same tools and tactics, such as spear phishing, as do other hackers. Unlike many hackers, however, ransomware attackers are not focused on stealing data that can be sold or used for illicit purposes (e.g., credit card information and trade secrets). Instead, ransomware is about economic extortion. The attackers prevent a company from being able to access its own system or data, and they make a demand. Usually, they want money, but that could change. Imagine a hacker who holds data and systems hostage in return for the company’s releasing a public statement, making a divestiture or arranging for a senior executive’s departure. The distinction between routine malware and ransomware is important to manage the scope of the threat. While some companies may not maintain data that is of value to cyber thieves (although that is becoming less and less the case, as evidenced by the proliferation of W-2 tax information phishing attacks), every company is a potential target of a ransomware attack.

Our Morrison & Foerster colleague and Socially Aware contributor Miriam Wugmeister has published a thought-provoking and insightful op-ed piece in The Hill on how companies that are the targets of cyberattacks are too often treated as suspects, rather than victims, by regulators.

In her op-ed, titled Stop Victim Shaming in Cyberattacks, Miriam points out that defending the American people and economy from hostile state or state-sponsored actors is critical for both economic and national security reasons. However, while our state and federal law enforcement agencies vigorously protect people from criminals and assist victims of crimes, companies that publicly disclose that they have been the victim of a cybercrime are not treated like a typical victim by federal and state regulators. Instead, they are investigated by numerous agencies, including the Federal Trade Commission, the State Attorneys General, and the Securities and Exchange Commission, while often simultaneously sued by consumers, business customers, and shareholders. In the face of the onslaught of cyber threats, U.S. companies are charged with defending themselves in cyberspace or facing legal liability.

How did we arrive at holding those victimized by a cybercrime liable for the damage inflicted upon them? You can read Miriam’s The Hill op-ed here.