Ransomware – What is it and why should you care?

Nov 13, 2015360TS

Ransomware

Ransomware is a type of malware that prevents partial or complete access to the user’s computer or files, and demands a ransom for getting access to them again.

Different types of Ransomware

There are different types of ransomware out in the wild, depending on how severely they affect the computer. Some block users from accessing the system, usually by locking the screen. Another type of ransomware terminate the applications from working, like security software and website browsers. The last type, the most common, encrypts user’s personal files as documents and pictures, preventing the access to these, unless a ransom is paid in exchange for the decryption key. This type of ransomware is also known as Cryptolocker.

Ransomware attackers lock victims’ PC to get paid
The purpose of these attacks is to force the user to pay a ransom, if the victim wants to recover the infected computer or files. The ransom goes from few dollars paid through a premium SMS, to some hundreds through the new digital currency. Attackers look for untraceable methods to be paid. Recent attacks started using Bitcoin as ransom currency, as it happened with CTB-Locker, which demanded 8 bitcoins (around 2500 US dollars) in exchange for the decryption key to recover the encrypted files.

However, it is important to note that in many cases paying the ransom does not guarantee the recovery of files or the access to the system.

Common ways to get infected by Ransomware

Ransomware propagates in different ways. Most common propagation method is through compromised websites or spam emails. The content of these webs or emails is usually claiming that the user has won a prize, or offers access to paid content for free, for example music or movies. The user clicks on the provided link and downloads the malware, or opens the email attachment. Another common propagation method is as a trojan horse or as payload of any other malware.

How to stay safe from Ransomware?

As a general rule, the best protection is caution. There are some recommendations you may follow to minimize the risk of being victim of this kind of attack.

  • Verify the email is from a sender you trust, take extra caution with those containing attachment.
  • Do not open files downloaded from untrusted sites.
  • Patch up your computer with the latest available updates. Ransomware can infect you by exploiting existing system vulnerabilities, so it is important to be protected by the latest system security updates.
  • Make sure you have antivirus installed in your computer and keep it up-to-date.
  • When using another’s USB in your computer, remember to perform a virus scan.
  • It is also strongly recommended to regularly make backups your system and important files, in order to minimize the loss in case of disaster.

To sum up, ransomware is an increasingly common malware which can completely block the access to your computer or files. Backing up your files regularly can help minimise the impact in case of attack. Being cautious when opening emails or links from untrusted sources, and having an updated antivirus can help you prevent becoming a victim of this scam.