Official Blog
Mi a zsarolóvírus? Támadások megértése és védelmi stratégiák a szervezetek számára.
Synology Team
március 27, 2024

Mi a zsarolóvírus? Támadások megértése és védelmi stratégiák a szervezetek számára.

What is ransomware?

Ransomware is malicious software whose primary goal is to infect the victim’s computer or system, encrypt files, or lock down the entire system. The attackers then demand a ransom from the victim in exchange for providing the decryption key or unlocking tool.


Typical methods of ransomware attacks include malicious email attachments, malicious web pages, or exploiting system vulnerabilities to gain access to a victim’s computer system. After successful infection, it starts encrypting your files, making them inaccessible and displaying a ransom demand. Such demands are usually bound by a deadline, if the ransom is not paid on time, they threaten to delete the encrypted data or make the victim’s data public.


Ransomware affects various industries, including financial institutions, government agencies, schools, and hospitals. It can target local drives and extend its effects to all connected devices, or even wipe entire networks and backups in one fell swoop. While recovery without paying a ransom is sometimes possible, it can be time-consuming and costly if the victim is unprepared or faces a targeted attack. To prevent ransomware, organizations must carefully manage email security, network security, regularly update systems, and back up critical data.


Ransomware is a growing and persistent threat


The first ransomware attack occurred in 1989. At the time, users’ attempts to delete a program and reboot the computer 90 times resulted in all folders being encrypted. The data remained inaccessible unless payment was made to the account provided by the malicious actor for the decryption key. Today’s ransomware attacks are more sophisticated and costly. Even though the number of cyber attacks spiked before the pandemic, the incidents did not decrease even after the pandemic subsided. In the Asia-Pacific region, the average weekly number of cyber security attacks against an organization increased by 22%. Globally, the annual growth rate is still close to 40%.


In addition, businesses often need weeks or months to recover from an attack. Alarmingly, up to 71% of businesses cannot recover their data after an attack. Even if organizations are willing to pay the ransom, this does not guarantee the recovery of existing data. According to statistics, 50% of organizations still lose some files and 13% still lose all data.


Therefore, understanding ransomware behavior patterns and implementing preventive measures is crucial. This is the key for businesses to ensure data security and maintain uninterrupted operations.


Understanding Ransomware Behavior and Preventing Ransomware Attacks


Ransomware has developed into a profitable business model over the years, leading to increasingly planned and targeted attacks on organizations. The first step to preventing ransomware attacks is to understand how they work. Ransomware typically follows these steps to infiltrate an organization:


  1. Observation: Gathering information about selected targets.
  2. Infiltration: Inducing clicks on malicious links (exploiting system or software vulnerabilities to infiltrate, then connecting to a relay station).
  3. Espionage: Preparation of the attack, continuous collection of organizational information and acquisition of critical data.
  4. Sabotage and attack: Encrypting original data at source and erasing backups.
  5. Negotiation: If negotiations fail, ransomware can reveal vital company data or delete it outright.



Anti-ransomware protection includes updating systems and software, installing anti-virus and whitelisting software, training employees not to install unknown software, and staying alert to the latest ransomware threats. In addition, regular data backup with immutability functions is essential. In the event of an attack, speeding up the recovery process ensures uninterrupted business operations.


In conclusion, with the growing threat of ransomware, data protection is becoming increasingly important. Despite preventive measures, the problem still exists, and organizations have only one chance to defend against the many attempts of hackers. Data protection solutions like those offered by Synology are becoming crucial in fortifying organizations against ransomware attacks. Synology’s comprehensive data protection ensures the highest levels of security, availability, and recoverability, facilitating effective containment against ransomware attacks.


Experience backup and disaster recovery with Synology Data Protection Solution


In the face of the growing threat of ransomware, the importance of data protection is becoming more and more evident. Ransomware causes millions in losses every year, and despite preventive measures, this problem persists. In addition, hackers can attempt countless attacks, while organizations only have one chance to defend against them. In such an environment, data protection solutions appear to be crucial for organizations to defend against ransomware attacks.


Synology provides comprehensive data protection, so your data will be the most secure. In the event of an attack, we quickly facilitate recovery, ensuring uninterrupted business operations. Synology’s data protection solutions help IT staff to fully implement data protection, guaranteeing the security, availability and recoverability of organizational data, effectively isolating them from ransomware attacks.


Learn more about Synology’s backup and disaster recovery solutions