Ransomware – what you need to know

Ransomware attacks can have devastating consequences for the companies and organizations that are affected. Here we go through what you need to know about the malicious code and what you can do to protect your company.

Contact us

What is ransomware?

Ransomware, also called extortion software, is a type of malicious code that encrypts files, hard drives, or entire IT systems, and can only be unlocked with a decryption key in exchange for a ransom. Ransomware attacks can affect both individuals and companies, but recently the latter have increased because the fraudsters can then demand significantly higher amounts.

How does a ransomware attack against a company work?

A ransomware attack usually begins with an employee receiving a phishing email that appears to have been sent by, for example, a colleague within the organisation. The email contains a file with malicious code, and when the employee clicks on the file, the hacker gains access to the person's device. From there, the hacker can then take control of all the computers within the organisation, steal sensitive data, and encrypt the systems so that no one can use the computers anymore. In other words, the company is locked out of its own IT system. Afterwards, the hacker demands a ransom to decrypt the systems.

What consequences can ransomware have for companies?

Economic loss, even in cases where the ransom is not paid, due to business interruption and handling of the attack.
Sensitive data in the form of customer registers, passwords, and trade secrets can be stolen and sold while the hacker breaches the system.
Risk that the company's customers and partners are also affected – which can further damage the company's reputation.

Consequences of an attack

Notable ransomware attacks in Sweden

REvil

During the summer of 2021, the hacker network REvil launched a ransomware attack against the American company Kaseya, which would have significant consequences in Sweden. One of the companies that use Kaseya's software in their payment systems is the grocery chain Coop, and the attack led to the cash register systems in approximately 700 of their stores being knocked out for a week. On the days when the system was down, the estimated cost for Coop was 10 million Euro per day.

Kalix Municipality

In December 2021, Kalix Municipality suffered from severe operational failures, which included the home care service being unable to access records and the municipality being unable to make payroll payments. In fact, it was a ransomware attack that locked the municipality out of its own IT system. Kalix Municipality never paid any ransom – but the cost for the municipality ultimately amounted to 250.000 Euro.

Protect your company

How to protect against ransomware?

Education in cyber threats

Educate yourself and your employees on how to identify phishing emails. Since many of today's cyberattacks are initiated with an email that encourages the user to click on a malicious link, user training is one of the most important defense measures.

Automatic data backup

Implement a solution that continuously backs up the company's data – if there is an extra backup, it doesn't matter if the hacker encrypts the original version. This makes it easier for you to recover from an attack without losing important data or paying a ransom.

Keep your systems updated

Make sure your company has the latest security updates for the software you use. Many hackers take the opportunity when a software's vulnerabilities are announced and then target those who have not implemented the latest update.

Strengthen the company's web security with Abion

It is completely natural for you as a business leader not to have all the knowledge when it comes to how to protect your organisation from hackers. That's exactly why Abion exists – we are experts in brand security and can help you apply technology and approaches that strengthen your organisation's resilience against cyber incidents. This allows you to focus more on running and developing your business without having to worry about keeping up with security developments.

Contact us to learn more about how we can help!

Frequently asked questions about ransomware

How are individuals affected by ransomware?

Individuals can have their devices infected in various ways, for example through phishing, by visiting a malicious website, or by using an unsecured network.

Is it only computers that can get infected by ransomware?

No, many other types of devices, such as phones and tablets, can also be infected by ransomware.

Can ransomware be removed?

In some cases, it may be possible to remove ransomware without paying a ransom, but far from always.

What is meant by ransomware?

Ransomware is a type of extortion software used by hackers to encrypt their victims' files, hard drives, or IT systems. The victim then needs to pay a ransom for the decryption key.