What is Ransomware?
If you want to know how to avoid a ransomed POS system, you need to know what it is. Ransomware is a type of malware (malicious software). It encrypts and locks your computer files until you meet the ransom demand. The ransom is typically paid in Cryptocurrency to hide the identity of the hacker.
Most ransomware attacks display a large on-screen message to scare the user into paying the ransom. It is possible and likely that ransomware from one computer will spread throughout your network to shared drives and servers. If you do not pay the ransom on time, a hacker typically deletes or locks the files. Additionally, this action is usually permanent.
How does Ransomware Work?
Ransomware enters systems in many different ways.
- Spam email attachments
- Direct downloads
- Fake advertisements
Once opened or executed, the virus finds infected drives on a system. Next, it begins to encrypt the files on each drive. The process adds file extensions to the end of each encrypted file. Such extensions include: .aaa, .xyz, .vault, .cryptolocker.
Once the ransomware locks all the files, the infected system displays a screen with a note. The note tells you where and how to pay the ransom.
Best Practices to Avoid a Ransomed POS System from US-CERT
- Be careful what links you click. Hover over each link before clicking it. Make sure the link points to the address that you expect. Finally, don’t click questionable links.
- Back-up your data. This action won’t prevent ransomware, but it can mitigate your risks.
- Keep your operating system and software up-to-date.
- Maintain up-to-date anti-virus software, which scans every download.
- Stay informed about the latest news. As a result, you will know if attacks may affect your business.
- Conduct regular security awareness training. With the rise of cybercrime, training will help you in and out of the office.
For more information on Ransomware and how to avoid a ransomed POS system, follow the links below: