A recent spike in ransom-ware attacks on computers all over the world is an alarming sign and one that will have plenty of security experts worried.
What is Ransomware?
To elucidate, ransomware is a type of malware that restricts access to the infected system – and true to its name will only disengage itself if the user of the infected computer pays a fee or ‘ransom’. Several variants of this malware exist with differing means but all gravitating towards the same end objective.
Ransomeware either locks you out of your device or holds your data hostage until you pay a fee
In some cases the malware will start deleting files if the user dithers in paying the ransom, whilst in others there will be a permanent lock screen which can only be removed remotely. One of the more famous variants of ransomware, known as CryptoLocker, famously generated $3 million dollars in extortion money for its creator before a fix was found. Clearly, the threat still lurks.
How Can You Stay Safe?
There are some tips and tricks which will help you in case you are ever infected by a ransom-ware attack. The first thing to keep in mind is that by paying the ransom, you are simply encouraging the hackers to develop more malware and invest more time in attacking networks all across the world.
Instead, once you are sure that your computer has been attacked by this malware, remove it from any network immediately. If you have recently backed up your files, then restore your PC from that point to regain access (this is a good time to mention that you should back up your files on a regular basis).
Many ransomware attacks use social engineering to fool the average user so the onus is on you to be smart
It is also prudent to employ content scanners and email filteration software as this will scan all incoming emails for viruses. Whilst some clients such as Gmail have these pre-installed, it is nevertheless a good idea to keep other 3rd party software handy as well. Furthermore, all other anti-virus software needs to be regularly updated and all patches installed.
The most common mechanism for attack is “spear phishing”, whereby unsolicited emails are sent to mailboxes at random with various attachments and links to external sites. A system can be infected merely by clicking on the link or attachment, so it is imperative to be very careful.
This article is a part of an ongoing ProPakistani series that aims to educate users about security and privacy