What Is Ransomware?

Ransomware is one of the most vicious and insidious types of malware. It encrypts your data and makes it inaccessible. The cyber criminal demands that you send money (usually within a certain time period) to regain use of your system. You can only hope that if and when you pay what is demanded that the hacker sends you the decryption key.

Unprepared computer users can be devastated by a successful ransomware attack.

Today you should become urgently aware of ransomware and routinely do what is necessary to fight against it. The problem has been growing. In the previous year it reportedly grew by 2,500%. Unless you are careful, you could suddenly see a message on your screen announcing that your data is inaccessible.

Ransomware can be delivered to your computer in a variety of ways. An email attachment, for example, is a typical tool that can be used to infect your system. The cyber criminal’s goal is to get you to “click” on a nefarious attachment installed on your computer. “Falling” for the trick, essentially allows the cyber criminal’s program to run in the background and to encrypt essential data that renders the system inaccessible.

The use of Spamware is another delivery method that can be used to draw in users to take action to implement ransomware. There are a number of nasty techniques. Avoid clicking on unsolicited offers or questionable links. Evolving ransomware is now automated and some attacks are now hosted by cybercriminal organizations that sell ransomware as a service for a percentage of the amount stolen.

One is for the hacker to use an invisible web page placed behind the one that is observed on the screen. An unsuspecting computer user could click on a particular area on the screen and the downloading of the ransomware would begin without the user’s knowledge.

Everyone Should Fear Ransomware

The growth of ransomware has been huge and was labeled as the most significant malware in 2018. The number of attacks increased by more than 109% over the previous year. One industry source estimates that 75 billion dollars a year is now being lost.

The author is familiar with a city government that was the victim of a malware attack. The cybercriminal demanded $500,000.00 to restore user access to the city government’s mission critical information. The ability of the municipality to conduct business ground to a snail’s pace. Town officials were forced to pay the ransom. Fortunately, access to the records was restored.

Recovery costs from ransomware attacks are large. One well publicized attack on the city of Atlanta reportedly demanded a $51,000.00 payment. Recovery costs were estimated to have been 17 million dollars.

Cyber thieves use ransomware attack to extort monies from institutions, businesses, personal computers and even mobile devices (particularly Android systems). User awareness is a major factor that can influence whether an attempted ransomware attack succeeds. Keeping all of your software updated is important, too.

Backing up your data is one of your main defenses against a ransomware. You must remember, however, that anything connected to your network can be infected by ransomware. That includes the data stored in the cloud.

Professionals suggest that your backup must be completely apart from your mission critical information and stored separate and apart from your electronic data system.

Andra Zaharia with Heimdahl lists 15 items to take protection against ransomware to a higher level.

Her comments are paraphrased below:

1) Develop a strong sense of security awareness.

2) Avoid storing critical data on a PC.

3) Maintain at least two full backups on a removable hard drive.

4) Sync your data to whatever cloud solution you use and immediately close out the connection.

5) Consider conducting a “white hat attack” on your computer systems.

6) Update and patch all operating system and application software.

7) Consider using a guest account (rather than an administrator account) for daily use.

8) Turn off all macros (special command sequences): Word, Excel, PowerPoint, Java, etc.

9) Remove browser plug-ins (Adobe Flash, Adobe Reader, Java and Silverlight). Set the browser to request activation.

10) Maximize your browser’s security settings.

11) Remove any older software or plugins that you don’t use any more.

12) Use an ad blocker to avoid malicious ads.

13) Never open email from unknown senders.

14) Never download attachments.

15) Never click on questionable links.

16) Purchase and use a reputable antivirus or malware product and set it to automatically update.

17) Consider using a traffic filtering software package.

18) Another source suggests disabling what is known as Remote Desktop Services if you don’t use it.

The author of this article personally recommends that you avoid maintaining a persistent connection to the Internet.

You need to have a backup plan in place and on stand-by to avoid wasting critical time. You’ll have to wipe your computer if infected by malware. Therefore, you must be prepared to restore your data from the backup you maintain. Security professionals suggest that you practice restoring your data from backup.

What Can You Do if You Are a Victim?

The truth is that restoring your information is likely the only way to defeat the cybercriminal that attacks with ransomware.

The federal government advises that once you detect an attack you notify authorities as soon as possible. Report a ransomware attack to the nearest FBI field office or United States Secret Service. Doing so might be able to help you prevent further losses.

What Resources Are Available to Help?

The Department of Homeland Security publishes a detailed report entitled, “Ransomware, What Is It and What to Do About It”

Another cyber security resource is 21 Ways You Can Fight Cybercrime. You can downloaded free from http://www.computer-security-glossary.org.

William G. Perry, Ph.D.

Leave a Reply