Ransomware is malicious code that infects a computer system and prevents access to files until the user pays the cyber criminal a ransom in order to restore access.
What is Ransomware?
The short answer to the question what is ransomware is itâ€™s basically a virus that encrypts your files then locks your PC and finally displays a message with instructions on how the ransom can be paid to get the code to unlock the Files & Computer. More or the entire hard drive. The only way to unlock the files or drive is the get the decryption key from the attacker.
Ransomware was invented in 1996 and soon became popular in Russia. It has however spread internationally and is now big business. For example, the most famous ransomware, Cryptolocker, made over 3 million in ransom payments before being taken down. The FBI estimates that another ransomware, Cryptowall, had made over $18 million by June 2016.
Payment is made using Bitcoins which allows the attackers to remain anonymous.
Many computer users who found that they have been attacked don’t have advanced computer knowledge and therefore opt to pay the ransom especially if the files are important to them.
One of the reasons it is currently one of the biggest concerns for security professionals is that once a computer is attacked and the files encrypted, there is usually no other way to get the files back without the decryption key. Current ransomware such as Cryptowall uses asymmetric encryption techniques where the decryption key differs from the encryption key and isn’t stored next to encryption data.
Ransomware must, therefore, be stopped before it infects a computer because the data will become unrecoverable. This article takes you through some of the steps you can take to prevent your computer from being infected and what to do if the unthinkable happens.
Important points to keep yourself safe from Ransomware.
You must back up important files regularly. In fact, with the proliferation of cloud services, you have no excuse not to back up. The best way to backup is to have one copy of files for a cloud service and another copy in physical portable media. The physical copy should be read-only to prevent accidental overwriting or deletion.
Check Your Back Up Often
Secondly, check your backup often to ensure that your data is intact. Even cloud services can be hacked, and physical media can get damaged.
Be Paranoid About Email
Ransomware is primarily distributed through fake email phishing messages. Phishing is a criminal practice where an attacker sends you an email that appears to come from someone you trust such as your bank. The attacker will typically ask you to click on a link or open an attachment. The instant you do so, your machine gets infected. Never click links in emails unless you are 100 percent sure about the identity of the person sending the email and never download attachments from unknown senders. Instead get rid of this kind of emails.
Don’t Trust Social Media
Cyber criminals also use social media to distribute ransomware. As with email don’t click on links from friends and never download attachments. Your friendâ€™s accounts may have infected, files and they may not even be aware that they have sent you a message.
Show File Extensions
If you are running Windows, set your computer to show files extensions. This way, you can easily see the type of file, for example, .docx, .pdf etc. Malicious files will usually have extensions such as .exe, .vbs and .scr. If you find files ending with these types of extensions you should be very suspicious.
Set your computer to update the operating system regularly and don’t ignore system notifications. Software companies regularly release updates to patch security holes they have discovered.
Use a Good Antivirus
There are many antivirus products, but not all have the capability to protect you from ransomware. The good ones are able to protect your files once a threat is detected. You will need to spend some money on a good antivirus. Check virus testing sites to see if the product has anti-ransomware features and have a look at the test scores.
Find Out the Name of the Ransomware
If your computer is infected, find out the name of the virus or malware as security companies have managed to crack older versions so you may be able to get your files back.
Disconnect the Machine if Something is Amiss
If you notice some weird process going on, yank the power cable or Internet connection immediately. Depending on the ransomware, there may be a good chance the malware has not yet erased the encryption key in which case a security expert may able to restore your files.
Don’t Pay the Ransom
If you have done all of the above things and your computer still gets infected, don’t pay the ransom. Payment of Ransom is what drives the business. If everyone refused to pay, the business would die, and we would all be safe.
Finally, if you do become infected, report the crime to the authorities and collaborate to help put an end to this despicable practice.