What is Ransomware?
Since its inception, the Internet has been growing, innovating, and expanding at an incredible rate. This has created endless opportunity for people around the world for fun, business, education, and more. Unfortunately, along with all the incredibly good things that have come about over the years, there have also been a lot of ‘bad actors’ who use the Internet to scam or hurt other users. Their criminal activities have been innovating and expanding right along with the Internet.
The latest cyberattacks that are causing huge problems for individuals and businesses around the world is known as ransomware. While not entirely new (it was first seen back in 2005) it has quickly become one of the biggest threats around, and it can impact just about anyone.
What is Ransomware?
As the name implies, ransomware effectively takes your computer (or more accurately, the files on your computer) and holds it ‘captive’ until you pay a ransom. This is done by infecting a computer with malware that takes all the important files on your computer and encrypts them using advanced encryption.
Once encrypted, the ransomware will display a screen on the computer that explains what has happened, and directs the user to send money (typically in bitcoin) to a specific account in order to get the decryption key, which will allow access to the files again. In most cases the people who create the ransomware are demanding somewhere between $100 and $600 worth of bitcoin.
Depending on the version of the ransomware, they may give the users a set time limit by which they must pay or the files will be destroyed. What makes this particular type of malware unique is that if people pay the ransom, they almost always get their files back. The criminals behind this type of infection have learned that following through on their offer makes it much more likely for people to actually pay the ransom. According to estimates, some types of ransomware have ‘earned’ those who control it nearly $400,000 per month!
What to Do if You’ve Been Infected
If you have found that your computer has been infected with ransomware, you have a few options. None of them are guaranteed to work, unfortunately. A lot of your options will depend on the status of your computer files prior to being infected (were they backed up?), and the exact type of ransomware you are infected with. We can’t recommend any specific action for your case, but here are the main options you will have available:
- Restore from Backup – This is the ideal option. If you have your important files backed up, you’ll want to wipe your drive clean and reinstall your operating system from scratch. From there, you can restore all your files and be back up and running properly. This is certainly an inconvenience, and can be quite time consuming in some situations, but it should work in almost all instances!
- Pay the Ransom – Most experts do not recommend this option. Remember, these are criminals that are running the ransomware, there is no guarantee that if you pay, they will honor their promise to unlock your files. In addition, the more people who pay the ransom, the more these criminals will keep doing this type of attack. Most people who have paid the ransom were able to get their files back, so you’ll have to choose whether you want to take this action or not.
- Get Help from an Expert – TrendMicro is a computer security. We are not affiliated with them in any way, but have found that they offer free technical support to those infected. They may be able to help rescue your files. To get the free technical support, click HERE and scroll to the bottom of the page.
An Ounce of Prevention
Hopefully you haven’t (yet) been infected with ransomware. If that is the case, you need to take action now to protect yourself. The first thing you should do as soon as possible is backup your files, and setup a good backup schedule to ensure your files are always available. This can be done locally, or using a cloud backup service (there are many good ones to choose from).
In addition, taking common precautions to avoid being infected will help you to avoid this hassle. The same basic tips for avoiding any type of virus will apply to this scenario as well. Here are a few important things to keep in mind:
- Don’t Open Weird Attachments – Don’t open attachments in email, even if they are sent from someone you know, unless you are 100% certain that they were intentionally sent to you.
- Anti-Virus – Make sure you have a good quality anti-virus & anti-malware program running on your computer, and keep it up to date.
- Avoid Questionable Websites – Don’t visit websites that appear shady, and if your browser gives you a warning, don’t visit the site even if you’ve been to it before. You never know when a website has been hijacked or infected.
- Limit Access – On business networks, limit what users are allowed to do on their computers. At home, make sure people using the computer doesn’t have admin privileges.
In the end, things like ransomware will always be a threat. As the threats are detected and neutralized, the criminals come up with new ways to cause trouble. Taking steps to keep your computer safe now will help avoid this threat, and those that come in the future.