Ransomware attack

The digital age has brought us numerous advantages, but with these advantages also come dangers. One of the most concerning threats to businesses and individuals alike is the “ransomware attack.” But what exactly is a ransomware attack and how does it happen?

What is a ransomware attack?

The word “ransomware” is made up of the English terms “ransom” and “software”. A ransomware attack is a type of malware that penetrates a victim's computer systems, encrypts or locks data, and then demands a ransom to release the data.

How does a ransomware attack take place?

  1. Infection: Most of the time, ransomware enters a system via phishing emails, infected software downloads, or malicious advertisements.

  2. Encryption: Once activated, the ransomware begins to encrypt files on the affected computer or network.

  3. Ransom note: Once the encryption is complete, a message appears on the victim's screen. This message demands a ransom, often in the form of cryptocurrency, for the decryption code.

  4. Payment...or not?Some victims pay the ransom in hopes of getting their data back. But there is no guarantee that the attackers will actually provide the decryption code after payment is received.

Practical examples from Germany:

University Hospital Düsseldorf. In September 2020, the University Hospital of Düsseldorf fell victim to a ransomware attack. The attack significantly disrupted the hospital's operations, and one patient had to be transferred to another hospital due to the IT failure and died.

Heise Publishing. In 2016, the renowned Heise Verlag, known for its specialist IT publications, was hit by a ransomware attack. Fortunately, the publisher was able to fend off the attack without causing any major damage and restore its data.

Norsk Hydro Germany. One of the world's largest aluminum producers, Norsk Hydro, was hit by a ransomware attack in March 2019. The production facilities in Germany and other countries were severely affected. Despite facing significant financial losses, the company refused to pay the ransom and instead chose to restore its systems from backups.

City administration of Frankfurt am Main. In December 2019, the city administration of Frankfurt am Main fell victim to a ransomware attack, which resulted in the city's IT network having to be temporarily shut down. While the exact details of the attack were not fully released, it was a clear example of how vulnerable even large and well-resourced organizations can be.

Practical examples from smaller German companies

These examples show that no organization – regardless of size or sector – is safe from the dangers of a ransomware attack

It is extremely important to continually stay informed about the latest threats and take appropriate protective measures.

Protect yourself and choose to perform regular and reliable backups and be vigilant for suspicious emails or downloads.

The best defense against ransomware is prevention through professional protection systems and raising awareness of every user of your system (private and professional).

Our comprehensive email protection is a cloud-based email security solution and part of our ECDU.EU ' Defender Technological Network '. The software is installed remotely and actively protects you against email-based threats such as spam, phishing, malware, ransomware and zero-day attacks every time you receive an email and click a link.

The solution is available as SaaS (Software-as-a-Service) and can be integrated with various email platforms such as Microsoft Exchange, Microsoft 365, Google Workspace and many more.

How protection against spam and phishing works

Our Defender protection provides a secure way to check your incoming and outgoing emails. He is part of the ECDU.EU Defender Technology Network .

It acts as a "man in the middle" by first checking your emails through the Defender network using the latest and highest standards to detect malicious code or ransomware attacks. Every email is scanned for known threats and suspicious file attachments are automatically disassembled and tested in a so-called “sandbox” to identify potential infections.

Only after successful verification and through additionally used AI-based algorithms will the email be securely delivered to you or your email to a recipient.

The most important features of this security solution are:

  • Email filters

  • Antivirus and antimalware protection

  • Link & URL filter

  • Attachment sandboxing

Protect your business

Talk to our experts and find out how you can effectively protect yourself from ransomware attacks.