RansomWare

by | posted in: Uncategorized | 0

whyransomwarA particularly insidious form of malware is spreading rapidly and could potentially jeopardize your ability to access your data files. Ransomware – as it is known – is a form of malware that can infect your computer and prevent you from accessing your data unless you pay the cybercriminal a ransom. In this article, you will learn more about how you can reduce the likelihood that someone takes your data hostage.

RANSOMWARE BASICS

Microsoft defines ransomware as:

A kind of malware that criminals install on your computer so they can lock it from a remote location. Ransomware generates a pop-up window, webpage, or email warning from what looks like an official authority. It explains that your computer has been locked…and demands payment before you can access your files…

 

In most cases, those affected by ransomware must pay the ransom within a specified period or they will permanently lose access to their data. Further, the cybercriminals responsible for ransomware attacks typically demand payment in some form of untraceable currency, such as BitCoin, to reduce the likelihood that they are caught and brought to justice.

Two major forms of ransomware exist –

1) encrypting ransomware and

2) non-encrypting ransomware.

Encrypting ransomware examines your computer and encrypts data files – often PDF, Excel, Word, and PowerPoint files – so that their rightful owner can no longer open them. If the owner chooses to pay the ransom – typically in the range of $500 to $1,500 – the cybercriminal will provide the encryption key to the owner; otherwise, the files are forever locked and inaccessible.

Non-encrypting ransomware does not affect the data on the computer, but rather, affects access to the computer itself. Non-encrypting ransomware often will cause pornographic images to display on the computer screen until the victim pays the ransom. Upon paying the ransom, the cybercriminal deactivates the ransomware on that computer and it returns to normal operation.

The most common method by which cybercriminals install ransomware onto their victims’ computers is by sending emails with attachments that contain the malware.

When a recipient of a message clicks to open the attachment, the malware installs and the crime begins. Other methods used to infect computers with ransomware include causing users to click on malicious links in email messages or websites and through instant messages transmitted over social networks.

 

HOW TO REDUCE THE THREAT

As with all security threats, the best approach to minimizing the threat of ransomware infecting your computer is to apply common sense and exercise sound, professional judgment. Each of the following actions will help to reduce your exposure to ransomware.

  • Do not click on email attachments from unknown or untrusted sources.
  • Be very judicious about the websites you visit and the hyperlinks in email messages on which you click.
  • Do not install extra tool bars or other “CUTE” programs. (Remember nothing is free!)
  • Always read what you are agreeing to when you are installing, clicking okay or next.
  • DO NOT LOG into social media sites from a critical or work computer.
  • Additionally, know that all of your social network “friends” might not really be your friend after all; therefore, be discerning about what links you click on when participating in social network mediums.
  • Be aware of updates to the Operating System or other applications. (Updates are a executable application and therefore could carry a virus or ransomware)

 

SUMMARY

The threats emanating from ransomware are real and growing on a daily basis. In addition to potentially affecting your computer, ransomware now also threatens mobile devices such as smartphones. The best means of reducing these threats is to adopt a three-pronged strategy that includes

1) avoiding opening email attachments and clicking on suspicious links from unknown sources.

2) ensuring appropriate anti-virus, anti-malware, and firewall security is in place and working as intended.

3) creating daily backups of critical data files and storing them in locations that are not connected to your computer. By implementing this strategy, you can minimize the threat of your data being held hostage.

Leave a Reply

Your email address will not be published.