Data Breaches vs Ransomware Attacks: What's the Difference?

The words data breach and ransomware are brandished around pretty liberally these days, a frequently asked question, does ransomware steal data? is it the same as data breaches, not everyone knows exactly what they mean or how they interconnect. Let’s clear that up right now.

What is Ransomware? 

Ransomware is a form of malware which is software installed on a computer or server that allows the hacker to take over, lock and encrypt the files and hold them for ransom. It can happen to an individual, a small business, or even a large company. Sometimes the hacker threatens to delete all the files if they are not paid within the specified timeframe.

Difference between ransomware and malware: How Does Ransomware Get on Your Computer?

Ransomware is a form of malware that can get on your computer in a myriad of ways. Usually, criminals send out vats of phishing emails to try and get people to click a link that downloads the software onto their computers. Another way your computer might get infected is through downloading freeware or other software from untrusted sources, and the malware is bundled in with it. Once you install it, the hackers can take control of your computer, encrypt your files and lock your computer until you pay a fee. 

Some ransomware is worse than others. If your files get encrypted, you have to know how to rescue your computer from a ransomware attack. In other cases, the screen is only locked by a pop-up. Those versions are much easier to resolve. Some hacker conglomerates actually sell ransomware as a kit to budding young thieves. They even include instructions to teach them how to use it.

When businesses are the victim of a ransomware attack, the problem becomes more complicated. They require their data and files to continue operations, so in some cases, they will pay the ransom. Another consideration is if they are a medical or financial facility, the threat of a data breach is greater, and they have to weigh that in as well when making the decision of whether or not to pay.

How to Keep Your Computer Clean from Ransomware

The best thing you can do to ensure a ransomware attack does not ruin you is to keep regular, secure, and accurate backups of your entire computer or server. Other things you can do to stay safe are:

1. Keep your computer updated with the latest security patches and operating system.
2. Install good antivirus software and run deep scans often.
3. Never click a link or open attachments in email.
4. Only download and install software from trusted vendors.
5. Educate your kids, employees, and others about the dangers of malware.
6. Keep solid backups of all your computers and data.

Ransomware vs. Data Breach? How Does a Data Breach Occur?

Data Breach Policy

A data breach is data that is accessed or stolen for the purpose of using it to target the subjects of the information or the company itself. Often, massive amounts of personal or financial data are taken such as the Target, Home Depot, and Best Buy data breaches and then sold on the dark web for a larger purpose.

How to Protect Yourself from Data Breaches

You cannot control how companies use your data, but you can take steps to protect yourself.

1. Never give out personal data (like your social security number, birth date, or credit card info) to anyone unless you initiate the transaction.
2. Routinely get a copy of your credit report, or even better, hire a company like IDStrong.com to monitor your credit for you.
3. Review bank, credit, and debit card statements carefully, always looking for suspicious activity.
4. Only use a single credit card when making online purchases so you can cancel it quickly if there is a data breach.

Ransomware Does Not Mean a Data Breach has Occurred

Just because a computer or server was attacked by ransomware does not necessarily mean a data breach has occurred. Many times, the software works in automated fashion encrypting files and changing extensions, but that does not mean the hacker actually read, copied, or took possession of any files and data. If a ransomware attack is announced on the news at a company you do business with, however, assume there has been a data breach and take quick action. It’s better to be safe rather than sorry.