Ransomware is malware that takes over a computer or device and then threatens the person with harm and usually prevents the user access to their data. The cyber-attack then demands a specific ransom from the user with the promise of restoring the access to the data once paid the ransom demanded. The victims affected by the ransomware are usually given or shown instructions on how to pay the ransom in order to get their hands to the decryption key that will unlock the access to their data. The ransom costs usually range from a hundred to thousand dollars which are payable to the hackers in cryptocurrency or via credit cards.
The first ever ransomware occurred during the 1980s, it is called PC Cyborg or AIDS. It encrypted the files in C directory after the occurrence of 90 reboots; the hackers demand the user to renew the license by sending $189 via mail to PC Cyborg Corp. The encryption used by the hackers was simple and can be reversed easily by those who are knowledgeable with computer processes so it didn’t pose as a threat to those who were attacked.
How does Ransomware occur?
There are different ways ransomware can infect an unsuspecting user’s computer. One of the most popular methods nowadays is by using malspam, it is the unsolicited email used to target a specific victim and deliver the malware. The email usually contains file attachments such as PDFs or Word file documents and it can also contain different links that once accessed or clicked it will link to different malicious websites.
Cybercriminals have used social engineering that tricks the unsuspecting users to open different file attachments or clicking the links that usually appears as legitimate for example it comes from a legitimate source or a friend. The hackers also pose as the FBI and usually scare the users into paying the specific ransom in order to gain access to their personal data.
Another way of ransomware infection method is malvertising and it was widely used during 2016. This process uses advertising online which distributes malware and it usually requires little to no user interaction. Whenever an unsuspecting victim is browsing the web even the legitimate websites, they can be redirected to malicious servers without clicking any link or ad. The said servers will enlist the details and location of the user’s computer and then send the specific malware to the unsuspecting victim.
Ransomware usually targets individuals or regular people, however as the technology improves the hackers and cybercriminals has developed other ways to improve this type of malware and even affecting bigger businesses. Ransomware was widely used and able to attack different business in 2016, 12.3% of global enterprises were affected and during 2017 35% of businesses were affected by ransomware attacks all over the world. Ransomware attacks are usually focused in the western markets; the United States, Canada, and the UK are among the top countries that were targeted by cybercriminals.
How to remove and prevent Ransomware
Once infected by ransomware, the victim must never pay the ransom. When the victim pays the hackers or cybercriminals, all it does is encourage the criminal activity and more cyber-attacks towards the victim or some other unsuspecting victim. Check online for free decryptors that help retrieve encrypted files. Using decryptors are not advisable if the victim affected by ransomware is not an IT or security specialist.
Ransomware attack can also be dealt with by downloading security programs that are focused on running scans and removing specific threats on the computer or device. The files are usually not retrieved but the infection will be cleaned up and removed. Perform a system restore through different ways such as using a bootable CD or USB drive.
If suddenly there is a suspicious activity on the computer or device, make sure to turn it off and disable the internet connection. Boot up the device, even when the ransomware is active since it is not connected to the internet it will not be able to receive or send instructions from the hacker or cybercriminal. Without the key or instructions for the payment method, it will stay idle. The victim may then install a security program or software and perform a full scan on the device or computer.
There are methods that will help deal with ransomware attacks however the solutions available may not always work fully and technical skills from an IT or security specialist will be required.
Ransomware can be prevented by using top-notch cybersecurity software or program that will protect the computer or device. Look out for the features that will protect and prevent the threats and also block the malware programs to hold the files or data as a hostage. Users who have been using premium versions of cybersecurity programs were protected from the ransomware attacks that occurred during 2017.
A simple user or bigger company need to create backups for data or files that are not accessible using the internet. One way to store these important files and data is the cloud storage, USBs or external hard drive that will save these files accordingly. Always remember to disconnect the storage devices used from the computer or device after the backup procedure is done otherwise it can also be affected by the ransomware attack.
Also, make sure to keep the computer or device updated with security patches. One well-known ransomware attack was the WannaCry wherein it was able to use the vulnerability of the Microsoft software. The company released a patch for the security loophole in March 2017 and most users were not able to install the said update which made them vulnerable to the cybercriminal attack. Always check for updates and if there is an option for automatic update it is highly recommended.
Modern technology nowadays has been ever-changing, always stay informed. Read and do research as there are different ways that are now being used by cybercriminals and hackers to launch cybercrimes to unsuspecting victims. One of the most common ways computers and devices are attacked by ransomware is through social engineering. Always be alert and use common sense. Never install a software or program if it is suspicious.