Expert Speak: Our Founder Amish Gandhi’s blog on Ransomware

Expert Speak: Our Founder Amish Gandhi's blog on Ransomware

What is a Ransomware attack ?

Ransomware is a type of malicious software (malware) that encrypts your files and drives with a key that you can only obtain by paying whatever ransom your attackers want. Attackers often demand payment in crypto currency that complicates law enforcement efforts to track them down. Even worse, payment does not guarantee that you’ll get the key needed to decrypt your data.

Can Ransomware attacks be avoided ?

Recent well-publicized ransomware attacks have exploited vulnerabilities in products used by IT services and Managed Service Providers (MSPs), such as SolarWinds and Kaseya. The size and sophistication of these attacks means that no one person or organization can stop ransomware attacks.

Ransomware organizations have even begun offering Ransomware-as-a-Service (RaaS) to anyone wanting to make money and/or disrupt businesses. The word “ransomware” sounds scary and those who wield it seem like criminal masterminds who can take over our digital lives any time they want. The situation is dire, but there is reason for hope… and there are some things you can do to greatly reduce the impact of ransomware attacks.

Can you isolate yourself from ransomware attacks ?

The first thing to remember is that ransomware attackers need access to your data… so maintain tight controls over your data. This is as simple as migrating your data from local storage to a Cloud Service Provider (CSP). Removing your data from your device leaves nothing for ransomware to access. Infected computer? Simply disconnect it and reinstall your operating system and applications, or switch to a different computer. Simply migrating to a CSP is not enough. You need to select a CSP who will keep your data safe. It’s tempting to think that popular file storage services are secure and that you need only choose the lowest-cost provider.

What kind of technology protects you from ransomware attacks ?

The real question you need to be asking is whether the provider offers true end-to-end encryption that locks your data before it leaves your premises and keeps it locked at all times thereafter until you access it using your unique key. Think of end-to-end encryption as placing your data inside a safe and then placing that safe in storage while you keep the key. This ensures that only persons with a valid copy of that key can unlock the safe and access your data. Giving your key to someone lets them access some or all your data, depending on how you use your keys… but it does not give anyone any kind of access to the CSP itself.

DropSecure offers true end-to-end encryption. We protect your data using military-grade AES-256 end-to-end encryption. Migrating your data to DropSecure you remove all of your sensitive data from your own hard drives while keeping it safely tucked away on our servers. Ransomware attack? Disconnect the affected computer and either refresh it or keep right on working from a different computer.

DropSecure always keeps your data safe and gives you access from any location at any time. All the cybersecurity experts in the world can’t always stop ransomware attacks, but everyone who uses data can outsmart would-be attackers by thinking ahead.

Selecting a truly secure CSP such as DropSecure helps make sure that you–and not the criminals–have the true power.

Related Posts

Awards and Achievements