Ransomware have become a real threat to the use of technology, unlike other form of malware which could target systems by deleting some files, editing some files and some creating backdoor for the attacker to access the system, ransomware have gone a notch higher by targeting human. This is achieved when ransomware encrypt data of the infected computer and a note demanding for a ransom to be paid is printed on the screen. Due to the advancement in technology, ransomware use advanced and secure encryption algorithm which is difficult to decrypt even when the computational power is not limited. Ransomware is mostly spread through the use of a phishing email which tricks the victim into clicking on a link that is loaded with malicious files or downloading an attachment which is loaded with malicious files. Due to this, it is of benefit to educate the employees so as to be more careful when interacting with emails of unknown origin. Attackers are capitalizing on the fact that ransomware attack is highly automated and therefore there are limited chances of getting the attacker, the whole process from attack to ransom payment is fully automated. There is no system that have so far been developed to get rid of ransomware and therefore prevention of attack is of paramount importance. This study therefore seek to investigate the distinctive features of ransomware that are not available to other forms of malware. These features can be used to help detect an impeding ransomware attack and thereby stop any possible data encryption midway. The conventional antivirus have no capability to fully detect and stop ransomware attack and therefore necessitating some more extra measure to keep the system secure against the ransomware. This study will also seek to study the state and preparedness of Kenyan companies in regard to ransomware attacks. The fact that very few companies in Kenya take cyber security with seriousness it deserve makes Kenyan companies an easy target to cyber criminals. There is a major cyber security professional gap in Kenya and the few available come at an added cost to the company, therefore, small and medium companies fail to meet this important requirement to safeguard their digital asset.

show more