What Is Ransomware?
Ransomware is a type of malware that once infects a computer, restricts access to the computer until a ransom is paid to unlock the computer. Two main types of ransomware exist – encrypting and non-encrypting ransomware. Encrypting ransomware will allow your computer to boot to the operating system but will encrypt all of your personal data. This means you won’t be able to browse or access any of your personal data while it is encrypted. Notices will be displayed on screen with instructions on how to pay to gain access to your data. Non-encrypting ransomware uses a similar principle in that you are unable to run applications or access your data but instead of using encryption, areas of the OS are locked down and you are only able to access the information used to release the ransom.
Although the earliest examples of ransomware showed up in the late 1980s, ransomware has recently become much more prevalent due to the large amounts of data people store on their computers. Today, computers are critical devices to many people and are used daily to perform work, store personal data and for entertainment. Criminals recognized this and figured out a way to make a lot of money for themselves. For example, between just a few months in 2013, ZDNet estimated about $27 million in ransoms had been paid to the makers of Cryptolocker – one of the most prevalent ransomware systems.
So… what can you do to protect your computer and your data?
How to Protect Yourself
First, start with the basics. Make sure you have a good anti-malware system in place. Free scanners may look attractive to you, but make sure your scanner has a few important features. For example, make sure your scanner can perform real-time scanning. Real-time scanning will stop an infection if you inadvertently open a malware package. If you use an offline mail client like Outlook to download and read email, make sure your scanner also supports email based scanning. As malware is often sent via email, a scanner that can scan and remove malware from email is also necessary.
Next, use common sense. If you receive an email from someone you don’t know, don’t open it! If you receive an email from someone you do know but the email doesn’t sound like it’s from them, the mail could be spoofed and infected with malware. Also, if you aren’t expecting an attachment from a friend, don’t open it! If you use peer to peer networks, be extra careful as this is another popular avenue for malware.
Back up your critical personal data to an offline storage location. For example, set up a weekly task to back up your computer to an external hard drive. Once the backup is complete, disconnect the hard drive. Ransomware will attempt to infect any mapped network devices or any additional storage you have attached to your computer. By creating a backup and taking it offline, the ransomware has no way to encrypt your data.
Another option is to use an online backup service such as CrashPlan who specifically keeps previous versions of your files long term. Once the ransomware is removed to stop further infection, you can load up CrashPlan and restore your files from prior to the attack. Be wary of free providers like Google Drive and Microsoft OneDrive as they limit the number of revisions kept.
If you suspect you have ransomware you must act quickly. The process of encrypting your hard drive takes time so if you can kill the encryption procedure you can safeguard some of your data. Shut down your computer immediately. Check with your anti-malware vendor and look for a pre-boot scanner – sometimes also referred to as a Rescue Disk scanner. You will need to follow the instructions your vendor provides to scan your system without booting into Windows. The scanner will hopefully find and remove your malware. If you act fast you may be able to save much of your data.
Have you had any ransomware? If so, what did you do? Leave a comment below!