What is Ransomware?

Compared to everyday viruses, ransomware is relatively new to the malware scene, yet it’s had a significant impact. Unlike other viruses that simply infect your computer, causing you to clean system files or in worst cases format your hard drive, ransomware holds your files hostage by encrypting them, making them unreadable and worthless until you pay a sum of money. Once you pay the ransom, usually in Bitcoin, your files are unlocked and all is well again…Maybe…

How Big of a Problem is Ransomware?

According to InfoSecurity Magazine, ransomware cost businesses roughly $1B in 2016 (http://bit.ly/2mIG8mb). Interestingly enough, most of this estimate does not come from actually paying the ransom, rather it’s the cost of data recovery and downtime experienced. You might wonder why not just pay the ransom, but keep in mind this is truly an electronic version of a hostage situation. There is no guarantee that the files will be restored once the money has been paid AND even if files are restored, there is no guarantee that it won’t happen again!

How Easy/Hard is it to Make?

Believe it or not, there are many ways someone can create their own ransomware, and you don’t even have to know how to program! A simple Google search reveals articles written on the topic, everything from a downloadable kit, to a website where you can simply enter your variables (payment address, amount, etc.) then download when your done. It doesn’t get much easier than that!

Despite the title of this article, I’m not endorsing the creation of ransomware, rather I’m trying to educate the uninformed how simple it is for others to make and how to avoid becoming a victim. Unfortunately ransomware is here to stay so we need to understand how to deal with it.

How to Stay Safe

The two main ways to stay safe are:

• Computer Protection
• Education

Basic computer protection includes things like making sure your computer is fully patched, using antivirus and a firewall. While this is always sound practice, it sometimes isn’t enough.

Ransomware tends to travel through email, so the single best thing you can do to prevent this infection is… not click on links or open attachments! Wait, thats it? Yeah, pretty much. While there are other ways to become a victim, the best preventative is to be smart while accessing your email and stay away from websites and programs that aren’t from a reliable source. Even if you do trust the source, it’s always good to be cautious and not click on things if it’s not absolutely necessary.

My Files are Being Held Hostage, Now What?!?

The best solution is prevention, but if you do happen to fall victim to this nasty practice, you really only have 2 options:

• Pay the ransom and hope for the best
• Restore your files from backup

Obviously the latter is the best choice, so hopefully recent backups of your files are in place. If not, usually you have to pay the ransom. Sometimes the master encryption key can be found online so it’s a good idea to check for your specific variant, but this is typically for “older” types that are not really in use anymore because the scam has been busted. Thanks Cisco TALOS!

EITHER WAY, it’s recommended that you save your personal files (documents, photos, etc.) to a safe space like DropBox or an external drive. That way you can format your hard drive and reinstall the operating system. Doing so eliminates potential leftovers on your computer that could be waiting to strike again.

Stay safe out there!

---

My name is Mark Beall and I'm the owner and creator of http://BasicInfoSecurity.com. I started this project in hopes of helping people have a fundamental understanding of security concepts and how to stay safe both online and offline.