Despite being just halfway through 2022, ransomware attacks have already caused significant damage this year. Last month alone, hackers targeted web hosting providers, healthcare systems, and major library services, among several other high-profile attacks.
The EC-Council team caught up with John York, a Certified Ethical Hacker (C|EH) from the United States who currently works as a project manager in the U.S. Air Force, to get his insights on ransomware attacks and how to prevent them.
In this interview, John explains what ransomware is, how ransomware attacks work, and what companies can do to protect themselves.
What is a ransomware attack?Ransomware is a form of malware specifically designed to remove access from an organization to its file system. Modern ransomware attacks have evolved from simply encrypting files and demanding payment for a decryption key to complex attacks that add data extraction and extortion to the attacker’s playbook.
How would you define a ransomware attack?A ransomware attack encrypts the file system so that, without a decryption code, all the information stored in the organization’s file servers is inaccessible.
How does a typical ransomware attack work?In a typical ransomware attack, the threat actor encrypts the organization’s file system, holding the decryption key ransom. That’s what gives it its name
What strategies can be used to avoid ransomware attacks?The best strategy to avoid ransomware is understanding that there is no 100% safe solution. Ransomware can affect any organization. Without the proper backups, any organization can fall victim to ransomware. The best solution is to implement immutable backups.
“The best solution is to implement immutable backups.”
Immutable backups are backups that cannot be altered. So, if you do fall subject to ransomware, the backups are not accessible to the ransomware and can be used to restore your live data.
Is your IT team equipped to deal with ransomware attacks?
Build a Rewarding Career with the C|EH Fast-Growing Job Market
1,800+ ethical hacking job openings on LinkedIn alone1
C|EHs in the U.S. earn over $82,000 per year on average2
Wide Range of Opportunities
Prepare for 20+ cybersecurity job roles with the C|EH
BlackFog. (2022). The state of ransomware in 2022. https://www.blackfog.com/the-state-of-ransomware-in-2022/
Feuer, W. (2022, May 9). Omnicell discloses some systems affected by ransomware. MarketWatch. https://www.marketwatch.com/story/omnicell-discloses-some-systems-affected-by-ransomware-271652100711
Greig, J. (2022, May 22). German library service struggling to recover from ransomware attack. The Record. https://therecord.media/german-library-service-struggling-to-recover-from-ransomware-attack/
Selsky, A. (2022, May 10). Hackers hit web hosting provider linked to Oregon elections. Oregon Public Broadcasting. https://www.opb.org/article/2022/05/10/hackers-hit-web-hosting-provider-linked-to-oregon-elections/
Views expressed in this interview are personal. The interview has been produced with the aid of a transcription service and may contain dictation, typographical, technical, and/or other errors. The facts, opinions, and language in the interview may not reflect the views of EC-Council or the interviewee’s employer, and EC-Council does not assume any responsibility or liability for the same.