Ransomware is a huge security concern and has been a hot topic for a while now. In this blog, we break it all down and give you some basic tips for protecting yourself and your files. The more prepared you are, the better!
What is Ransomware?
Simply put, ransomware is a type of malware that blocks users from accessing their local files and folders by putting them at digital gunpoint.
As its name suggests, ransomware is used to exploit users in exchange for regaining access to their “hostaged” data and/or files. The ransomware creator makes specific demands, and to ensure that the victim complies, they use the threat of permanently deleting their files or exposing their private information.
Unfortunately, most people simply do not realize how much of their personal information is stored on their device until it becomes compromised. Ransomware is also an undeniable threat to businesses of all sizes. According to last year's McAfee Labs Threat Report, the number of ransomware-related security cases increased by over 165%—and that was in the first quarter of 2015 alone!
Are you at risk?
While ransomware can potentially be more devastating for businesses or institutions, its risk to individuals is far from insignificant. There’s no way to know who will or won't be targeted, so the best you can do is take as many preventative measures as possible to try and prepare yourself so that if your device becomes compromised, you can limit your losses.
How does my device get infected?
Ransomware oftentimes disguises itself in the form of harmless data, embedded within cleverly constructed phishing email scams.
The biggest mistake you can make is to assume that you’ll know a scam email when you see one. The email will most likely look VERY authentic and will usually contain information relevant to your geographical location - this makes it extremely difficult to detect.
It can take the form of one simple email that looks and sounds legitimate, mixed in with a bunch of actual real emails in your inbox that makes it even trickier to detect.
Basic ransomware protection
Preparing yourself for a potential ransomware attack is not an impossible task, but it can be quite difficult. Here are a couple of preventive measures you can take to significantly lower your chances of being targeted or falling victim to ransomware:
Back up data - It might sound repetitive but backing up your data regularly is the first step you can take to assure its safety. Although this doesn’t prevent the possible leakage of data, it will reduce your losses and minimize the damage of an attack.
Increase user awareness - Ransomware viruses are always very aggressive and persistent when seeking out targets. The best thing you can do is increase awareness within your circle and make sure you remain skeptical and on guard of suspicious content.
***PRO-TIP: Always remember to verify the senders of emails and/or the attachments before opening/clicking on anything. Official senders usually have short domains rather than long stringed ones with dashes and extra words. If you’re unsure, run a quick Google search on the email address and you’ll quickly be able to find out if it’s a scam or not.
Patch up - Vulnerabilities and holes in systems can always be exploited by potential ransomware virus attacks. Remember to keep your systems, software, and applications up to date as a means of prevention.
Employ layered defenses - Aside from manually determining the authenticity of files, make sure to employ other automated programs. Antivirus & Internet Security software, anti-spam, and other specific blocking countermeasures can stop executable files from freely infiltrating your system. The more defense layers you can add, the better.
What to do if you're targeted
If you’re targeted and ransomware has successfully taken ahold of your files, data recovery is unfortunately next to impossible. Once the executable files runs, all computer functions will usually cease, including all security software that may have been running during the time of the attack.
Unless the private key is provided or the control server is physically raided (as with CryptoLocker back in 2014), then your data is locked and can potentially be deleted. Note that any of the so-called “ransomware removal” kits out there are often times actually malware themselves, so it’s best not to risk making the situation worse.
The number one thing to know is: DO NOT PAY THE RANSOM. Unfortunately, there is absolutely no guarantee that you’ll be able to recover your files. By paying the ransom, you may be putting yourself at even more of a risk for things such as fraud and identity theft, etc.
Want more info?
For more information, check out Microsoft's Malware Protection Center for their very helpful guide on Ransomware.