What is Ransomware?

Imagine switching on your computer one morning only to find that you cannot access your files or that your screen is completely locked. Onscreen lies a menacing image of a lock and a message telling you that you may not access your screen or files unless you pay a fee. Confusion takes over as you are put in an uncomfortable position – “Pay up! Or else.”

What has happened here is that you have just been the victim of a sophisticated cyber-criminal who has used ransomware to attack your computer.  Put simply, ransomware refers to any kind of malware (software created for malicious purposes) that demands a ransom from a user in exchange for the return of a “kidnapped file”. The word literally comes from the words “Ransom” and “Software”. So, what is held captive? Your files, which may be multi-media files, office files or system files that your computer relies on to work properly.

How is ransomware spread?

Ransomware is spread through attachments sent in unsolicited emails or by clicking on a link in an email claiming to come from a bank or delivery company. It is also spread through fake software updates and through peer-to-peer file-sharing networks, where it is passed on through activation keys for popular software, such as Adobe Photoshop and Microsoft Office.

What kinds of Ransomware are out there?

There are 2 kinds:

  1. A ‘Filecoder’ which encrypts the files.
  2. A ‘Lockscreen’ which locks the computer and stops you from using it until you have paid the “ransom”.

Where did it start?

Malware has been around for a long time.  In 2005, Russian cyber criminals created the first ransomware detected as Trojan Crysis. It was a crude parasite which zipped and password-protected a user’s personal documents. The user would then find the ransom note on their desktop. In 2012, ransomware exploded around Europe and North America, posing as law enforcement alerts accusing victims of piracy, terrorism as well as child pornography. The victims were then urged to pay a $200 fine or face criminal charges.

In 2013, the criminals behind ransomware were already extracting more than $3,000,000 per year from their victims. Then Cryptolocker was released. Cryptolocker represented a totally new family of malware, which encrypts a user’s photos, documents, and other personal files with a uniquely customized secret key. These files could only be restored by paying a ransom to obtain the secret key.

On January 10, 2015, the FBI made an official statement that ransomware was on the rise, emphasizing that a new ransomware variant, CryptoWall, was encrypting users’ files and charging anywhere from $200 to $5,000 in bitcoins to restore them. The FBI did not provide any viable solutions for decryption. In 2016, more than 15 million dollars had already been extorted from users.

A vicious cycle has begun. Most users opt to pay in order to retrieve their valued private data. Every time the ransom is paid, the malware creator receives the funds. What happens next is that some of the money is reinvested into the development cycle and ransomware gets progressively smarter, more effective, and harder to defeat, and thus the vicious cycle continues.

Ransomware today

A new threat is upon the cyber world. It is called “WannaCry.” It combines ransomware with “worm” functionality, so the infection of one computer triggers the infection of an entire network. This ransomware doesn’t require a click from the user. It targets outdated versions of Windows. Microsoft fixed it with updates, but millions of people still use older versions of Windows or haven’t updated their systems, leaving them open to attack.

When information is everything today, and so much can be stored on such small devices, it is of the utmost importance to keep your technology and business technology protected. Fortunately, anti-malware will protect you from this.

What you should do:

  1. Create a backup plan to make sure your important data is safe.
  2. Store a backup of your most critical data offline or with a secured cloud backup service.
  3. Make sure your operating system and applications are up-to-date.
  4. Use caution when opening email attachments and don’t click unsolicited email links.
  5. Protect yourself with advanced anti-ransomware software.