The concept behind ransomware, the most widely used form of malicious software, is simple – Lock and encrypt the victim’s data, then demand a ransom to restore access. Often there is a time limit set to make payment or the data will be destroyed. Paying the ransom doesn’t guarantee restoration of your software either, it’s a catch 22.
They can hold your personal files hostage, withholding your documents, photos, and financial information. Those files are still on your computer, but the encryption makes them completely unreadable. In 2017, the average ransom demand was $5221 — a high price to pay for getting your own property back.
Types of ransomware
Ransomware types vary with some being more harmful than others, the common denominator being the ransom. The five types of ransomware are:
- Crypto malware. This is a widely known form of ransomware and can cause a lot of damage. One example is the 2017 WannaCry ransomware attack, which targeted thousands of computers around the world and spread itself within corporate networks globally.
- Lockers. This ransomware infects your operating system and completely locks you out of your computer, making access of any of your files or applications impossible.
- Scareware. This is a fake software that appears to be an antivirus tool. Scareware often claims to have found issues on your computer then will demand money to fix the problem. Some types of scareware lock your computer, while others flood your screen with alerts and pop-up messages.
- Doxware. Usually referred to as leakware, doxware threatens to publish your stolen information online if you fail to pay up. As many people have stored sensitive files and personal photos on their computers, it is not things you want leaked which is why so many will panic and fork out the ransom. RaaS. Also known as “Ransomware as a Service,” RaaS is malware that is hosted anonymously by a hacker. The hackers manage everything from distributing the ransomware and collecting the payments received to managing decryptors — which is software that restores data access
What to do and what not to do
Ransomware is such a profitable market for cybercriminals and is unlikely to stop anytime soon. Prevention is the best defence in protecting your personal data. To stop cybercriminals and protect yourself from a ransomware attack, think about implementing the following dos and don’ts:
- Use a security software. This will help protect your data. Make sure you choose a trusted security suite that does more than just antivirus protection.
- Ensure your security software up to date. New ransomware is appearing all the time and ensuring your internet security software is current will help protect you against cyberattacks.
- Regularly update your operating system and other software. Software updates include patches for newly discovered security black spots that left unprotected can be exploited by ransomware attackers.
- Don’t ever automatically open email attachments. Email is one of the main ways cybercriminals deliver ransomware. Just don’t ever open emails and attachments from unfamiliar or untrusted sources.
- Don’t open email attachments that request you to enable macros to view its content. Once it’s enabled, macro malware can infect multiple files. If you aren’t 100% sure the email is genuine, and from a trusted source, delete the email.
- Back up important data to an external hard drive. Attackers gain leverage by encrypting valuable files and making them inaccessible to you. Having a back up of your important files takes away their power and will allow you to restore your files after the infection has been cleaned up.
- Utilise cloud services. This can be immensely helpful in preventing a ransomware infection since many cloud services keep previous versions of files, which means you can “rollback” to the unencrypted form.
- Don’t pay the ransom. Paying the money won’t guarantee your access being restored.