Ransomware utilizes malware (malicious software) to make data or your computer’s operating system unreadable or inaccessible. It demands payment to decrypt affected files or systems. However, even if the ransom is paid, there is no guarantee ransomed items will be released. According to the FBI, ransomware attacks are not only proliferating, they’re becoming more sophisticated. Read the full FBI article here.
In its simplest form, ransomware has been around since 1989, when it appeared as the AIDS Trojan virus, which was distributed via floppy diskettes (remember those?) sent to attendees of the World Health Organization’s international conference. When the computer containing the virus was rebooted, files were encrypted and the ransom demand was made. Users paid $189 in ransom. It didn’t take long for decryption tools to recover the files and stop the attack.
Ransomware became more prominent around 2006 with a Russian-based extortion plan by organized criminals called TROJ_CRYZIP.A. This version placed files of a certain type into a password-protected ZIP folder and deleted the originals. Victims were directed to pay $300 to an E-Gold account (a precursor to Bitcoin).
Ransomware really began to explode in 2013 with the first widely-recognizable crypto-ransomware called CryptoLocker. This form of ransomware made the recipient’s computer virtually unusable by encrypting all files. CryptoLocker was delivered through downloads from compromised websites, phishing and email attachments. It was extremely sophisticated and utilized Bitcoin for payments.
Spinoffs of CryptoLocker, Onion, Reveton, Jigsaw, KeRanger (the first official Mac OSX-based ransomware), CryptXX and others make it clear that ransomware will continue to increase in sophistication and range. Delivery methods will expand, as will the types of machines affected and the ransom amounts. In fact, reports this year indicate Android phones are now at risk. There’s no end to the lengths cybercriminals will go to in order to take your money.
How to protect yourself
There are some basics to follow to protect yourself:
1. Keep your system backed up on a regular basis so you can restore your computer to a known clean state.
2. Utilize a strong and reliable security system that can identify and block ransomware threats.
3. Keep your software updated. Patches are constantly being added as viruses and ransomware are being identified.
4. Perform a full network scan to identify infected computers. Isolate compromised equipment until it is completely clean before putting it back into service.
5. Show hidden file extensions so you can spot a potentially suspicious file. Often “EXE” files can contain a virus. Always be wary of EXE files sent via email attachments.
6. If at all possible, don’t pay the ransom. Paying not only encourages the cybercriminals, but may place you in an even worse situation. There have been plenty of cases in which a decryption key was never provided or did not decrypt all files.
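To illustrate tip 5, the following added example (not part of the original article) shows what a file manager displays when the final extension is hidden and flags attachment names whose real extension is executable. The extension lists, function names and sample filenames are assumptions constructed for the illustration.

```python
from pathlib import PureWindowsPath

# Assumed lists for illustration; the article itself only names EXE.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".vbs", ".js"}
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}


def name_with_extensions_hidden(filename):
    """Return the name as shown when the final extension is hidden."""
    path = PureWindowsPath(filename)
    return path.stem if path.suffix else path.name


def classify_attachment(filename):
    """Classify a filename as 'ok', 'executable' or 'masked-executable'."""
    suffixes = [s.lower() for s in PureWindowsPath(filename.strip()).suffixes]
    if not suffixes or suffixes[-1] not in EXECUTABLE_EXTS:
        return "ok"
    # A document-style extension just before the real one makes the file
    # look like a document once the final extension is hidden.
    if len(suffixes) >= 2 and suffixes[-2] in DOCUMENT_EXTS:
        return "masked-executable"
    return "executable"


def review(filenames):
    """Return (real name, displayed name, verdict) for every flagged file."""
    flagged = []
    for name in filenames:
        verdict = classify_attachment(name)
        if verdict != "ok":
            flagged.append((name, name_with_extensions_hidden(name), verdict))
    return flagged


# Constructed sample attachment names, not taken from any real incident.
SAMPLE_ATTACHMENTS = [
    "Invoice_2016.pdf.exe",
    "report.v2.final.docx",
    "setup.EXE",
    "photo.jpg.scr",
    "notes.txt",
]

if __name__ == "__main__":
    for real, shown, verdict in review(SAMPLE_ATTACHMENTS):
        print(f"{verdict:18} shown as {shown!r}, really {real!r}")
```

With extensions hidden, the first sample appears as `Invoice_2016.pdf`, which is why showing extensions makes the file easier to spot.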
To learn how to protect yourself, get your free copy of The Guide to CryptoLocker Prevention and Removal today.