What is Ransomware? You hear a lot about it these days, but some people may still be confused about what it is and how it works. Well, like the name implies, something is being held for ransom. In this case, it’s your data (files), and in some cases, your entire computer. Since its inception, there have been many variants of this malicious software. But, all Ransomware has some things in common:
1. They encrypt (scramble) files on your computer with a very complex key.
2. The author of the Ransomware withholds the unlock key for the encryption until you pay them a specific amount of money, which is different in each case, but at least several hundred dollars. As of 2018, the average is over $1,000.
How does one’s computer become infected with Ransomware? Well, just like any other virus: malicious email messages (either infected attachments or embedded links) and infected websites. Sometimes, the websites themselves aren’t infected. But, because so many websites have ads these days, ads are a good mechanism for transporting viruses. People or companies can purchase advertising space on many websites, and the hosting website/company doesn’t regulate what ads appear on each page. The same goes for search engines. People or companies can pay to have their advertisement appear at the top of a search list, taking you unknowingly to an infected website. Some variants can infect one computer, then look for other computers on the network to infect. And, once a computer is infected, any files it has access to can be infected, including external removable media (e.g. flash/external drives). If infected removable media is inserted into another computer, there’s a very good chance that computer can become infected.
So, how do you protect yourself? Well, there’s no simple answer to make yourself and your computer 100% protected. As with all malicious software, there’s no foolproof method to fully prevent infection except for never connecting your computer to the internet, and never introducing anything new to it through removable media and networking. If you use your computer to play Solitaire, and it has no other connections, you’re probably perpetually safe. That is fairly unlikely. For the rest of us, this is the best we can do:
1. Keep your computer protected with antivirus, and ensure the virus definitions are automatically updated several times a day.
2. Ensure your computer is updated with security patches regularly. This is usually handled through automatic updates, depending on what operating system you’re using.
3. When accessing email, never open file attachments from anyone unless you’ve verified they sent you the file. Don’t just trust it because the From address is someone you recognize. Accordingly, don’t ever click on embedded email links. Most of the time, they’re probably safe. But, it’s the ones that aren’t safe that will cost you dearly.
4. When browsing the internet, restrict your use to sites you know well, and are trustworthy. If you don’t know the site, don’t go to it. Also, with regard to searching, be very wary of links in search lists. Watch for ads at the top of the list. And, most importantly, look carefully at the URL (website address) listed below search links. That will tell you exactly where the link will take you. Read it carefully, as often rogue sites have names that are similar, but not identical, to a site that you might trust (e.g. what you think is www.microsoft.com could be something like www.micorsoft.com, or something entirely different). Be vigilant.
5. Make certain you have a comprehensive backup solution that can’t become compromised.
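To make the URL check in item 4 concrete, here is an added example (not part of the original article) that flags addresses whose domain is a near-miss of a site you trust, or that only use a trusted name as a subdomain. The trusted list, the sample addresses, the distance threshold of 2, and treating the last two labels as the registered domain are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allow-list for illustration (assumption, not from the article).
TRUSTED = {"microsoft.com", "google.com", "paypal.com"}

def osa_distance(a, b):
    """Edit distance where insert, delete, substitute, and swapping two
    adjacent characters each cost 1 (optimal string alignment)."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent swap, e.g. "ro" -> "or"
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def hostname(url):
    """Lower-cased host part of a URL or bare address."""
    return (urlsplit(url if "://" in url else "//" + url).hostname or "").rstrip(".")

def classify(url, max_dist=2):
    """Return (verdict, trusted_domain_or_None) for the given address."""
    host = hostname(url)
    # Assumption: the last two labels are the registered domain; real code
    # should consult the Public Suffix List (e.g. for .co.uk).
    domain = ".".join(host.split(".")[-2:])
    if domain in TRUSTED:
        return ("trusted", domain)
    for good in sorted(TRUSTED):
        # Trusted name used only as a subdomain of someone else's domain.
        if host.startswith(good + ".") or "." + good + "." in host:
            return ("lookalike", good)
        # Near-miss spelling such as micorsoft.com.
        if osa_distance(domain, good) <= max_dist:
            return ("lookalike", good)
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed sample addresses.
    for url in ["www.micorsoft.com", "https://login.microsoft.com/",
                "http://microsoft.com.example.net/update", "example.org"]:
        print(url, "->", classify(url))
```

A threshold of 2 can also flag legitimate sites with short names, so a "lookalike" verdict is a prompt to read the address again, not proof that the site is malicious.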
Sadly, this problem is not going away. In fact, it is only going to get worse. The best thing that can happen is that the cyber criminals don’t make money when an infection occurs. If a computer becomes infected, and it is subsequently cleaned and files are restored, the problem stops there. As soon as it’s not profitable, the miscreants will look for some other means.