Your definition of ransom may need some updating. No longer does ransom just refer to criminals and kidnapping. It’s not just people requesting money for their safe return. Ransom in 2016 is all about your computer.
Ransomware is the combination of the word ransom and software. It is a type of malware or bad software. Once ransomware gets on your computer, usually through an infected email attachment, it will lock your computer or data in some way and demand payment to get your data back to you.
What started as a basic scam has recently escalated. Extorting small amounts of ransom from unsuspecting victims isn’t the only goal now. Last year there was a “reported loss of more than $24 million as a result of ransomware attacks.” The FBI has stated that this is an underrepresented figure, due to people’s reluctance to report such crimes.
With this new age of ransom comes much more precise and a sometimes “customer friendly” extortion. The culprits will give you easy to follow step-by-step instructions on how to pay them. Some even offer discounts for early payment. The sophistication level of these criminals is high. That is part of the problem when trying to stop them.
This issue took on new urgency when a hospital in Los Angeles had its entire computer network seized by ransomware. The hospital couldn’t reach any of its digital medical records. The hackers demanded a ransom before they’d release the computers. This hospital ended up paying $17,000 in Bitcoin to get their systems and data back. Attacks like these are becoming more and more common.
Popular Forms of Ransomware
SMS Ransomware locks your computer and displays a ransom message with a code. To unlock your computer, they give you instructions to send the code via text message to an SMS number. They then give you the corresponding code to unlock it.
Winlocker is a variant of ransomware that also locks your computer. It displays a more intimidating ransom message, though. It appears to be from your local law enforcement agency. Unlike SMS ransomware, Winlocker instructs you to pay through an online payment system.
File Encryptors can lock your personal files and folders. This type of ransomware uses sophisticated encryption algorithms to make your computers data unusable. It then demands that you pay for the decryption key using an online payment method like Bitcoin. The ransomware often leaves a file on the victim’s machines with payment instructions. Sometimes even the customer’s service instructions mentioned above.
MRB Ransomware goes one step farther than the other three types mentioned. MBR can change your computer’s Master Boot Record. It interrupts the normal boot process. The MBR is a partition on your computer’s hard drive that allows the operating system to load and boot. When infected with MBR, you receive a ransom message as soon as the computer is turned on.
How does it spread?
Ransomware can infect your computer in the same ways as most other malware. Two of the most common ways are downloads and exploiting program vulnerability. All it takes are for you to visit a malicious or compromised website. Click on the wrong advertisement or link, or open a malicious attachment for the ransomware to gain access.
Tips for prevention and recovery
Having a cybersecurity plan is a must to protect not only your data but your wallet. You need a 360-degree approach to your security. This entails a managing security and firewalls with a solid backup plan that focuses on end-user training.
Backup and test.
To protect yourself from various risks, including ransomware, you will need a good backup strategy. This strategy must include monitoring backup status and testing of the restore process. This ensures that restored files are usable. A backup process without testing may not be worth much.
Perform software updates.
Ransomware loves vulnerable, outdated systems. It makes use of vulnerabilities in Windows, OS X, and other software to infect your systems. Making sure your software is up to date could be the difference in stopping ransomware.
Who uses your PC’s?
Restrict the use of each PC to only authorized people. In an office environment, keep them locked down to essential personnel. At home, avoid letting your kids use any PC with work-related data.
When the worst happens.
If you do find yourself infected with ransomware, without a backup, you may be forced to pay the ransom. We don’t like saying that, but if the value of your data is sufficient, you may want to pay. Even the FBI has stated that this may be the best course of action in some cases.
Ransomware attacks are a hostage situation, so organizations need to handle the threats accordingly. Responding without a plan if your data is compromised isn’t an optimal solution. These threats are one of the grave outcomes, even if you manage to get your data unlocked. Trying to negotiate with the criminals doesn’t always pay off either. You are dealing with criminals in the end, and they could always take your money and still not give your data back.
Having the proper tools installed, a secure backup, and the education provided you could help prevent ransomware. The best cure is always prevention. With infected computers, you have limited options. It can cost you or your company thousands of dollars to get your systems back to normal. Knowing how to stop ransomware before infection is key.
To get more information on putting a backup system in place or to obtain information about your current IT infrastructure, talk to one of our IT geniuses today.