There was a time when being held to ransom meant something totally different from what we know today, at least in terms of ransomware. Back in the day, to fall victim to “ransomware” you had to be the son or daughter of some filthy rich parents.
You would then need to get kidnapped by the kidnappers (ransomware). The only way you were going back home was to be rescued by some elite police squad or to simply pay the bad guys.
Enter Ransomware, the Modern-Day Kidnappers
Names like CryptXXX, Locky, Apocalypse, Zepto, and others have been wreaking havoc on people's computer files. Ransomware is a certain type of malware. The different variants have been making major headlines recently while keeping security researchers and organizers tied up. At the same time, it has cost organizations loads in Bitcoin payments to the nefarious characters who deploy the ransomware.
How Ransomware Works
Once it gets onto your computer, through various means such as a Trojan or, more commonly, a socially engineered email attachment, it begins its damage. With slight variations in mode of operation, ransomware generally begins to encrypt all the files on the victim's storage drives and devices that meet certain criteria.
The criterion used is usually the file extension. The malware silently encrypts all of these files and then, once complete, reveals itself to the user. Some variants will lock the entire computer and allow only the lock screen message to be displayed. Why the lock screen with a message? This happens to be the ransom note.
The note contains instructions from the malware programmer that warn the user of the consequences should they not make a Bitcoin payment of a prescribed amount to a certain website address on the darknet. The reason these demands must be met is that there is no way of decrypting the encrypted files without the decryption key.
Unfortunately for the victim, this key is sitting on a server somewhere on the Internet. The key is only sent to the victim after the victim makes the payment, and only then can he have his files back. Some variants even make it more difficult for victims to share a key, because the malware can generate a unique key for each specific computer.
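The behaviour described above (one program rewriting many files with targeted extensions in quick succession, then dropping a ransom note) can be turned into a simple detection rule. The following Python code is an added example, not part of the original article; the event format, process names, thresholds and note-name hints are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from pathlib import PurePosixPath

# Assumed tuning values; adjust to the environment being monitored.
WATCHED_EXT = {".docx", ".xlsx", ".pdf", ".jpg", ".txt"}
NOTE_HINTS = ("decrypt", "recover", "ransom")  # hypothetical note-name hints
WINDOW_SECONDS = 30
MIN_FILES = 4

# Constructed sample events: (seconds, process, action, path).
SAMPLE_EVENTS = [
    (0, "editor", "modify", "/home/a/notes.txt"),
    (40, "editor", "modify", "/home/a/report.docx"),
    (100, "attachment", "modify", "/home/a/report.docx"),
    (101, "attachment", "modify", "/home/a/budget.xlsx"),
    (102, "attachment", "modify", "/home/a/photo.jpg"),
    (103, "attachment", "modify", "/home/a/scan.pdf"),
    (104, "attachment", "create", "/home/a/HOW_TO_DECRYPT.txt"),
    (200, "editor", "create", "/home/a/decrypt-notes.txt"),
]


def find_suspects(events):
    """Return {process: [reasons]} for time-ordered file events."""
    recent = defaultdict(deque)   # process -> (timestamp, path) in the window
    reasons = defaultdict(list)
    for ts, proc, action, path in events:
        p = PurePosixPath(path)
        if action == "modify" and p.suffix.lower() in WATCHED_EXT:
            window = recent[proc]
            window.append((ts, path))
            # Drop entries that have fallen out of the sliding window.
            while window and ts - window[0][0] > WINDOW_SECONDS:
                window.popleft()
            distinct = {f for _, f in window}
            if len(distinct) >= MIN_FILES and "bulk-rewrite" not in reasons[proc]:
                reasons[proc].append("bulk-rewrite")
        elif action == "create" and any(h in p.name.lower() for h in NOTE_HINTS):
            # A note-like file only counts if this process already bulk-rewrote files.
            if "bulk-rewrite" in reasons.get(proc, []):
                reasons[proc].append("ransom-note")
    return {proc: r for proc, r in reasons.items() if r}


if __name__ == "__main__":
    print(find_suspects(SAMPLE_EVENTS))
```

Only the process that touches four watched files within the window is flagged; the editor saving two documents 40 seconds apart, and later creating a file with "decrypt" in its name, is not.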
How to Protect from Ransomware
As with other forms of malware, you must apply best-practice habits when using your computer.
- Keep your computer and all software applications up-to-date with the latest updates and patches
- Install an antivirus and anti-malware application and keep them up-to-date
- Do not install software from strange sources. Stick to known, credible, vendor-supplied sources, whether they are open source or vendor specific
- Be careful when opening emails with attachments and avoid certain attachments, especially those in zip format
- Emails from unknown sources should be deleted, especially if they contain attachments and are not marked as spam
- Avoid clicking links in emails unless you are sure they are from known sources, such as email subscriptions you have signed up for
- Avoid sticking portable storage devices into your computer when the source cannot be guaranteed
- Do not install mobile apps unless they are from the official app stores.
- Keep abreast of websites such as this one, which provide information and news about these threats and trends
- On computer networks such as those in corporate offices, admins should set policies that limit users' access to areas where they need not be
Hope you keep safe and help make the Internet a safer place for all.