It Pays To Know: Ransomware Basics
Ransomware. It’s been described by security companies and news agencies alike as an “epidemic.” New strains are constantly detected in the wild and many are using original techniques — such as creating a unique encryption key for each file locked down — to frustrate security companies and convince users they should pay. While there’s no way to completely shield devices from ransomware attacks and payment demands, knowing the basics can both reduce user anxiety and limit the chances of becoming a victim.
What Is Ransomware?
As noted by Tech Target, the goal of ransomware is to "kidnap" data and demand payment from users for its release. It’s a subset of the general malware category, made distinct because ransomware attacks don’t focus on stealing user credentials or interrupting key processes, but rather on isolating data and promising its destruction if monetary demands aren’t met.
Often, ransomware code is hidden inside seemingly harmless software or applications, and executes when users first launch the program. Devices may also be infected through malicious email links or compromised websites. In many cases, victims aren’t aware they’re under attack until they discover files are locked and a ransom demand displays on screen.
How Does a Ransomware Attack Work?
As noted by Kaspersky Lab, there are two main types of ransomware: locker and crypto. Locker programs are easier to defeat since they avoid critical files and instead aim to lock users out of critical functions such as desktop or Internet access. The much more popular crypto form, meanwhile, encrypts files and then demands payment.
Most crypto ransomware attacks follow a similar pattern: User devices are infected with malicious code, which then selects specific files and starts to encrypt them using a unique algorithm. In some cases, only pictures and documents are targeted; in newer ransomware variants, attackers also go after executable files. Once infected, victims usually receive a warning screen that may accuse them of breaking the law or simply state they’ve been the victim of a cyberattack. Malware makers often want payment in Bitcoin sent to a specific email address and many start a "countdown timer" — if payment isn’t made quickly enough, all files are deleted.
Preventing the Problem
To protect your personal data, it’s worth implementing a few simple ransomware security measures. First up? Don’t assume that only Windows PCs are at risk. According to PCWorld, it’s now possible for ransomware to attack Android and iOS, Linux servers and even smart televisions. You can also lower the chances of infection by deleting spam emails, never clicking on suspicious links, and always downloading mobile apps from official application stores.
Despite best efforts, however, it’s possible that an attack will still succeed. As a result, it’s important to always back up critical files to a USB stick, external hard drive or another PC that isn’t connected to your primary device. Keep your operating system up to date and regularly run a reliable anti-virus scan to help detect any dormant ransomware code. If your device does get locked down, search online for a cure, since many security companies have developed ways to crack existing ransomware encryption. Worst-case scenario, you can also pay the ransom — understand, however, that payment does not guarantee the safe return of your files.
Ransomware continues to impact devices and users worldwide. Avoid attacks and limit damage by understanding the basics of a ransomware attack and improving your overall information security.