Ransomware is one of several types of malicious software (malware) used by hackers. In recent years, it has emerged as a leading security threat, as the stakes remain high and the malware grows more powerful.
As the ransom half of the word implies, the hackers take hold of your computer files — typically by locking your computer or encrypting your files — later demanding you pay a fee to receive the key to regain access to your files. Unless your files are backed up somewhere else, your options appear limited: pay up or lose it all.
Ransomware is a serious problem that affects both individuals and organizations, but understanding how it works can help protect against attacks.
The Common Types of Ransomware
Ransomware typically takes one of two forms:
- Locker Ransomware. Hackers lock the victim out of the operating system, rendering all files inaccessible. To unlock the operating system, victims are asked to pay a ransom.
- Encrypting Ransomware. Hackers encrypt the victim’s files with complex algorithms. To receive the key to decrypt the files, victims are asked to pay a ransom.
One popular type of locker ransomware attempts to trick victims into thinking their computers have been locked by the police, not a hacker. This “police-themed” ransomware usually displays a message stating that the computer has been locked due to suspicion of illegal activity. While it is true that the computer has been locked, it’s not due to illegal activity on the victim’s part. It’s a ransom scam that convinces users to pay a “fine” to unlock the computer.
While locker ransomware is a real threat, cyber security experts see encrypting ransomware as the more prevalent risk.
CryptoLocker is one of the more well-known encrypting ransomware. It came to prominence in 2013 and was shut down less than a year later, but not before extorting more than $3 million from victims. The malware was spread through malicious attachments or links, often sent via email.
Once the malicious file was executed, it encrypted a computer’s files. While data encryption is usually a way to protect your information, the hackers were the only ones with the decryption key. When encrypted, a screen would appear, warning the victim to pay a ransom within a specified timeframe or lose those files — important documents, photos, media, etc. — forever.
Since the success of CryptoLocker, many hackers now emulate this strategy. But what makes encrypting ransomware such a burden is not so much the malicious code itself. As far as removing malware goes, that process is relatively straightforward. However, when removed, that does nothing to resolve a victim’s big problem — the virtually unbreakable encryption scrambling their files.
How to Stay Safe in a World with Ransomware
The first known ransomware attack took place in 1989, a time when few people used personal computers, let alone accessed the internet or sent international payments. Today, over 73% of households in the United States have a computer connected to the internet. Storing large swaths of important data is standard. Online transactions are commonplace.
So while an obvious solution to avoiding ransomware would be to stay offline, there are more practical ways to keep you, your data, and your money safe.
- Back up your data. If your data is backed up before an attack, you won’t have to pay to regain access, because you made copies. The cloud is one of the most common and safer places to back up your data. If you opt for a local storage device or server, make sure these are kept offline and not using a direct connect to your systems, as ransomware attackers can otherwise seek these out them as well.
- Practice safe emailing. Most hackers employ a randomized phishing approach, knowing that with enough users targeted, the likelier they are to catch a victim who takes the bait. If it looks suspicious, don’t click on it.
- Update your operating system. Computer technology companies are typically fast to patch any vulnerabilities. By updating regularly, you’ll give would-be hackers a smaller window of opportunity.
- Keep your firewall on. A firewall is designed to block any unauthorized access to your system. If you’re running a Windows device, it’s always advised to keep Windows Firewall running.