by Joe Lonergan
We continue our series on staying safe online, and this week we will take a look at the dangers of ransomware and how to avoid it.
Ransomware is a type of malware designed to extort money from its victims, who are blocked or prevented from accessing data on their systems.
The two most prevalent types of ransomwares are “encryptors” and “screen lockers.” Encryptors, as the name implies, encrypt data on a system, making the content useless without the decryption key. Screen lockers, on the other hand, simply block access to the system with a “lock” screen, asserting that the system is encrypted.
Ransomware infections or viruses typically start with a malicious email. An unsuspecting user opens an attachment or clicks on a malicious or compromised URL. At that point, a ransomware agent is installed and encrypts critical files on the victim’s PC and any attached file shares. After encrypting the data, the ransomware displays a message on the infected device explaining what happened and how to pay the attackers.
The most common one we have seen involves an email with an attachment disguised as an invoice/PDF, but it is not a PDF file it is .exe file otherwise known as an executable file and when the unsuspecting user clicks on this attachment it starts to install ransomware on your laptop or PC.
Ransomware attackers love to attack businesses as it can be very profitable for them as some businesses after getting attacked will take the easy option and pay the ransom to get things up and running again. But unfortunately, even after paying the ransom, it is not guaranteed that you will get the decryption key. Some businesses have thousands of emails coming in and may have hundreds of employees, but it only takes one person to click on the wrong attachment to infect a whole network.
Previously we spoke about phishing email scams, these are also the type of emails that ransomware attackers use to catch their victims.
How to avoid
First, always beware of phishing emails that may contain ransomware. Never ever click on an attachment if you do not know the sender.
Back up your data. The best way to recover from ransomware is to restore data from a backup. Backups bypass the ransom demand by restoring data from a source other than the encrypted files.
For most personal users creating a backup of their files has become a lot easier as offsite storage has become more affordable.
If preferred a personal user can purchase a terabyte of physical storage for under approx. €100. Then they can back up their files and data regularly.
Personal users may also have their data backed up to iCloud or OneDrive or other forms of online backup.
Other prevention tools include having good anti-malware software installed on your device.
Ensure your PC or laptop is always updated with the latest software as some older operating systems are vulnerable to ransomware and the most recent update will have the latest security patch installed. But most of all be safety aware and never click on an attachment from an unknown sender.