Ransomware is malicious software that infects your computer and displays messages demanding a fee or a ‘ransom’ to be paid in order for your system to work again. This class of malware is a criminal scheme designed for hackers to make easy money, and can be installed through deceptive links in an email message, instant message or website. It even has the ability to lock a computer screen or deny the user access to important and sensitive files on the computer with a password until the ‘ransom’ is paid off.

HISTORY OF RANSOMWARE

The first known case of ransomware was actually reported in Russia in 2005. However, since then, ransomware has spread to all corners of the globe, with new types emerging over time and still successfully targeting victims to this day. An example of a particularly ruthless and widespread form of ransomware was CryptoLocker that targeted all versions of Windows in September 2013. It had successfully infected hundreds of thousands of personal computers and business systems. A person would harmlessly open up emails impersonating customer support services from FedEx, UPS, DHS and other companies. Once opened, the ransomware would pop up and block the user from accessing files until they paid approximately $300 within 72 hours.

DIFFERENT TYPES OF RANSOMWARE THAT HAS EMERGED THROUGHOUT THE YEARS

The emergence of ransomware set off a new branch of computer crime, which slowly, but surely, grew in reach – and really took off in the internet age. Below are a few ways ransomware can attack and deceive anyone:

  • Police ransomware – This form of ransomware would mainly extort individuals on their private PCs and not organizations. Basically, it locked the screen with a ransom note warning the user that they had committed illegal online activities, which could get them sent to jail. However, if the user simply paid a fine, the 'police' would let the infringement slide and restore access to the computer by handing over the decryption key.
  • Scareware - This malware poses as security software or tech support for your computer. Victims may receive pop up notifications saying malware has been discovered on their system. Not responding to this will not do anything except lead to more pop ups until the user gives in and installs the ‘security or antivirus software’ that is being advertised in the pop ups for a price. However, the software being advertised is simply a placebo and will do nothing for the computer and only takes the victim’s money.
  • Encrypting ransomware: This particular cyber attack gives the attacker access to, and then encrypts the victim's data and asks for a payment to unlock the files. This ransomware mainly targets companies and organizations. Once this happens, there is no guarantee that the victim will get access to their data back even if they pay the ransom.
  • Mobile ransomware: This ransomware targets mobile devices. An attacker may steal personal data from a phone or lock it and demand a ransom to return the data or unlock the device otherwise the hacker may threaten to leak the sensitive data to the public or never unlock the device.

HOW TO PROTECT YOURSELF FROM RANSOMWARE

To protect against ransomware, IT experts urge users and companies to regularly back up computing devices and always keep their software up to date, including any antivirus software. All users and employees should always be extra careful when clicking on links in emails from unknown sources or opening email attachments. Victims should do all they can to avoid paying ransoms. Individuals and organizations can take important data protection measures to ensure that in the case of a ramsomware attack, the damage is minimal and recovery is as quick as possible. These data protection methods include:

  • installing authentication systems on sensitive files
  • keeping alternative storage pools outside the main system of data storage so there is always a back up
  • enforcing hard limits on who can access data and when access is permitted

In conclusion, ransomware can definitely be scary to deal with and possibly even detrimental to a company’s integrity, if you are ever targeted by a hacker. It’s always better to have a quick seminar to educate employees on the basics of cyber security and how to work safely at home and always stay up to date with the best practices of internet safety.