Ransomware Basics

Posted by Rebecca Prince on October 28, 2016


The term "ransomware" has been in the news a lot lately.  However, many don’t really know what it means or why computer users should care about it.  Here is an overview to help with the basics.

The term is used generically to refer to any type of malware that can hold your computer or mobile device for virtual ransom. If installed and executed, the malware can lock your computer, encrypt your files, or take some other unpleasant action, and it will not give you control or access back until you pay some sort of fee.

A device can be infected in a few different ways, but most often it happens when a user opens an infected file in an email or clicks a link that redirects to a malicious website. The perpetrators often put a deadline on payment of the ransom or threaten some other action.

However, if this should happen, it is important not to pay any money or other "reward" to the criminals.  Paying merely encourages them and does not guarantee the information will be decrypted or the system unlocked.  In fact, it may lead to additional unwanted actions.

Encryption

Good anti-virus and anti-malware software can help remove some of the ransomware, but it won’t decrypt files.  The hackers are the ones with the right codes to do that, and it isn’t likely they will provide them to you for nothing.

The best defense against ransomware involves preventing it.

  • Don’t click links in email if you’re not sure they are legitimate.  Don’t open email attachments if they come from unknown sources.  Trust your instincts and if it seems fishy, investigate further before clicking or opening.
  • Back up your computers and devices regularly.  This will allow you to reset your system and restore it if needed.  There are large external drives available for reasonable prices that are easy to use.
  • At a minimum, keep copies of your most important files on a removable USB drive. 
  • Always apply critical and security updates to your computers and mobile devices as soon as possible. 
  • If you are still using the Windows XP operating system, seriously consider upgrading to a newer version.  New patches for that system will not be released since it is no longer supported by Microsoft.  

Most of these types of attacks have occurred on Windows systems, but they are certainly not exclusive to Windows.  The first file-encrypting ransomware, Simplocker, has also been discovered on Android platforms. It’s likely all operating systems will be vulnerable in the not too distant future.

Blog contributed by Stickley on Security