Every day ransomware hackers are trying to find vulnerabilities on websites, these are sometimes found in older versions of software such as WordPress or Magento, or through any out of date plugins.
In a ransomware attack, once a vulnerability is found, a script is then uploaded that acts as a back-door to the website; allowing the hacker access to perform a variety of actions on the site including editing, creating and deleting files and databases. The problem with these is that they can often go undetected for a large period of time as they don’t tend to cause problems for the site owner to warrant an investigation. The hackers can then hold the website owner to ransom over their files and databases by encrypting these so they are no longer accessible until a ransom fee is paid, normally demanding money be transferred in the form of bit coin in order to remain untraceable and anonymous. Symantec has estimated that at least $5 million is extorted from ransomware victims each year and this figure seems set to rise.
There are some things you can do to protect your site and hopefully prevent ransomware infections or minimize the damage if such an infection does occur:
- Backup your files regularly
- Apply software patches as soon as they become available. Some ransomware arrive though vulnerability exploits.
- Bookmark trusted websites and access them via the bookmark
- Only download attachments from trusted sources
- Scan your system regularly with anti-malware.
According to new figures obtained from security firm Trend Micro, this year could see the largest number of ransomware attacks on record. Already this year, there were more ransomware-related infections found in February alone than the first six months of 2015. The figures also found that there were more than twice as many infections last month than in the entire first three months of 2015, and that the combination of January and February 2016’s tally is already more than triple the infection count for the first three months of last year.
We really cannot emphasis the importance of backing up important files for your website enough. Along with being very useful for if a part of your site is broken, either by yourself or a developer, backups are hugely important to ensure the reliability and uptime of your site in the event that it becomes compromised by something such as a ransomware.