As recent trends have shown, the danger of losing access to your data, devices and services is compounded by threat actors that are now exfiltrating data and threatening to leak it on public sites if victims don’t pay up. Ransomware operators have become wise to the threat to their business model from their own success: increased public attention of the ransomware threat has pushed (at least some) businesses to invest in backup and recovery. But those techniques become redundant when the perpetrators are holding your most sensitive customer and corporate data over your head.
Post infection, ransomware can spread to other machines or encrypt shared filers in the organization’s network. In some cases, it can spread across organizational boundaries to infect supply chains, customers and other organizations, and indeed, some malware campaigns have specifically targeted MSPs. The real answer to ransomware lies in prevention rather than cure. So just how does this devastating malware commonly infect devices?