search
Where Thought Leaders go for Growth
Reference a solution

Ransomware: a real and costly threat

Ransomware: a real and costly threat

By Colin Lalouette

Published: 13 November 2024

Ransomware is powerful malicious software that hackers use to demand ransom payments. Increasingly widespread, they have made businesses their favourite target. Read all our advice on using antivirus software.

What is ransomware?

The effects of ransomware on your device and your data

Ransomware attacks all types of devices: computers and servers, but also tablets and smartphones. The consequences of infection are numerous and disastrous:

  • Infection of the device and restriction of access: for example, you can only access your web browser, and the rest of your data and functions are blocked.
  • Encryption of documents or images. You then need to obtain the decryption key to recover your data. This is known as crypto-ransomware.
  • Denial of service targeting a website: the website is suspended if the ransom is not paid.
  • Theft of confidential data with a threat to make it public.
  • Forced advertising. The device locks up, leaving you with only one choice: click and view ads. The author of the malware receives an income proportional to the number of clicks.

What they all have in common is blackmail. You can't remove the malware or decrypt your data unless you pay.

The source of the infection on your device

The malware spreads:

  • In an email with infected content: a PDF attachment or a link in the body of the email, for example.
  • By downloading malicious files from a website.
  • During your web browsing, on specific sites and via malicious advertising banners. Even without clicking on them, the very fact of seeing them can infect your device.

Once on your device, the malware can take action and block it at any time.

The new scourge of our time

A growing phenomenon

Ransomware has been the most prolific cyberthreat since the start of 2016. Not only law enforcement agencies, but also medical facilities have borne the brunt. The Hollywood Presbyterian Medical Center in the United States reportedly had its oncology and radiology data hacked and paid $17k to cybercriminals.

A juicy business

A veritable cybercrime industry is taking shape: part of the sums collected from ransoms are reinvested in the development of new malware. While cyber attacks target both private individuals and businesses, hackers know that they will be able to "monetise" their services at a much higher price with businesses. What's more, ransomware kits are available for purchase on the Dark Web, facilitating their mass distribution.

Businesses on the front line

According to a survey, 72% of businesses have suffered a loss of access to their data lasting two days, following a ransomware infection. 32% of businesses were unable to access their data for 5 days or more.

A staggering cost

As well as the ransom, which is already a colossal cost, the time and energy involved is also enormous. The attacked company then has to restart its entire IT system. This means bringing workstations to a complete standstill. An enormous task for the IT Department. What's more, this type of attack is a disaster for a company's image and has a very negative impact on its reputation.

How should you react?

Once you have been the victim of an attack

  • Report your problem to the police? Yes, to alert them. But in the end, they won't be able to do anything for you or your data.
  • Pay the ransom: yes, in most cases. Unfortunately, once the files have been encrypted, there is no other way to recover them. And despite this, you will not be safe from the possibility that other, more discreet viruses have been installed without your knowledge and then persist on your devices. What's more, there's no guarantee that the decryption key will be provided to you and will work.
  • Cleaning your machine and restoring a backup copy: yes. But in some cases, as with the latest Petya ransomware, which is all the rage, restoration is no longer enough.

In any case, it's a costly solution with no guarantees. As is often the case in IT security, prevention is better than cure.

Upstream to defuse the risk

Eight basic reflexes to adopt:

  1. Update your antivirus software regularly with the latest security patches. Ransomware often exploits flaws in older versions.
  2. Back up your data regularly on external hard drives, or via a dedicated, secure cloud solution.
  3. Be wary of suspicious attachments or links.
  4. Avoid using macros on Microsoft Office files (Word, PowerPoint, Excel) if their origin is questionable. View them in a reader first.
  5. Uninstall unnecessary plugins such as Silverlight, Flash and Java if you are not using them. This will reduce the attack surface.
  6. At the very least, use administrator status on your device. Only a few specific actions require it, and it increases the likelihood of attacks.
  7. Install ad-blockers. This will protect you from malware spread by advertising banners.
  8. Equip your company with a specialised anti-malware security solution, such as Bitdefender's GravityZone offering for businesses. Choose a solution that covers all your employees' endpoints and mobile devices and protects your web gateways and email.


Ransomware continues to claim victims in the professional world. They represent a colossal cost and multiple inconveniences for companies. The best way to avoid them is to install an up-to-date, high-performance cybersecurity shield, for better protection and efficient risk management.

Article translated from French