The cyber world is full of threats that come in different forms. However, there is a common thing about these threats. All of them intend to cause some harm. One of the most dangerous threats that you can encounter is ransomware. “We have discovered that you have been watching pornographic videos using your computer. We would like to inform you that doing so contravenes one of the ethical codes in our state and you will be prosecuted. In order to get your computer back, you should pay us $500 or the price will increase within 48 hours.” Have you ever seen such a message or anything similar to that on the screen of your computer? If so, then you were a victim of ransomware.
So what is ransomware?
Ransomware is malicious software that locks your computer and encrypts your personal data such as pictures, videos and music, preventing you from doing anything with it. It threatens you that you can only recover your computer once you have agreed to meet some terms that have been specified. You should not pay money to the account that has been given or send your login credentials to the hackers. In simple terms, the word ransomware has been coined from “ransom” which is the amount that you pay for a kidnap or any form of damage. Under this circumstance, the victim of the kidnapping ordeal is your computer and your personal files.
Recent real-life examples of a ransomware attack
Do you still doubt the dangers of this attack? In the year 2016, the network of a hospital in Los Angeles came under a massive attack from hackers who perpetrated their attack in the form of ransomware. The hackers encrypted very sensitive medical data and after that, they started demanding a whopping $17,000 ransom so as to release the encrypted data. You don’t want to imagine the nightmare that the hospital management went through. Big organizations and Corporates have also not been spared from this attack. Some of the known victims include Renault, FedEx, a number of banks in Russia and many others. This just shows you that anyone can be a victim of ransomware.
The most recent attack is the WannaCry ransomware. This ransomware is still ongoing and it’s targeting the Microsoft Windows operating systems. So far, it has infected more than 230,000 computers worldwide including the NSA, hospitals and businesses, with the software demanding ransom payments in Bitcoin. Luckily, Microsoft has issued a patch to fix this vulnerability in their operating systems and you should immediately update your computer if you are running Windows.
How ransomware works
There are different types of ransomware, but all of them have a common goal, to lock your personal files and prevent you from using your computer. Another goal of this attack is to extort money from you. Ransomware doesn’t have specific targets. Any computer can become a victim. Once the malware gains access to your machine, it will scan through different files such as documents and media records. After that it will encrypt the affected files, that is, hide them in a coded message which cannot be read by anyone else. The hackers will then leave you with a loud, threatening message which will be displayed on the computer screen.
Since the hackers in charge of the ransomware don’t want to be detected, they will demand that you transfer the money through Bitcoin. You will be threatened with dire consequences if you fail to meet their needs. The worst thing about this form of cyber attack is that you will never be sure of getting back your vital files even after you have met the demands of the hackers. This means that you could be literally burning your money as you watch. Another thing that you should note is that hackers can temporarily release your computer after you have paid them then launch another attack.
Types of Ransomware
There are two major types of ransomware; encryption ransomware and lock screen ransomware. The two were differentiated depending on the impact that they leave on a computer. For instance, encryption ransomware encrypts files and applications that are on your computer. It locks them so that you will never access or use them. On the other hand, lock screen ransomware literally locks the screen. The message of the ransomware is displayed on the whole screen, disabling you from executing any action beyond a certain point.
Tips to protect you from ransomware
Now that you have known what ransomware is, it’s high time that you discover safe methods that you can use to protect yourself from malware attacks.
1. Back up your files
The importance of backing up your data has always been emphasized since the invention of the computer systems. Backing up your data will not only protect you from losing data but also give you ultimate protection against unseen thieves which are the malware. Once you have been attacked by ransomware, the original data including the documents that you created before the attack can get lost. However, you can still get your records if you created a duplicate copy to back up the original one. The data that was backed up can be obtained through a simple procedure such as system restore, but beware as some viruses can also infect your system restore rendering it useless.
Sometimes the issue of time comes into play when you want to recover the data that was attacked by the ransomware. Maybe you fear that the process of restoring the computer to its original point can take too long. A perfect solution to this problem is using external drives to store your sensitive data. Once you have created your original document, you can copy it to an external drive such as USB drive and let it stay there for future purposes. Alternatively, you can use cloud storage to help you backup your stuff. As hackers wait for the ransom, you will be using that critical data that they think they have.
2. Use Secure Email Gateway
Another common avenue used by hackers to send ransomware into your computer is email. A simple and friendly email into your inbox can bring one of the worst nightmares of your life. But how will you be able to detect whether an email is safe or not? One of the best methods is by ensuring that you have a “Secure Email Gateway (SEG)“. This software is responsible for scanning all the emails that get into your inbox. It only allows safe emails and filters out those that look suspicious. The software checks if the URLs that have been attached in the mail are genuine or will direct you to an insecure site.
Another thing that Secure Email Gateway checks is the files that have been attached to the mail. It does so by filtering the file extension. The hacker can decide to send a program through the email and this program will be tasked with scanning through your computer so as to mine vital data. Most of the programs come with *.EXE extensions and in most cases they will request you to download and install them. Rather than waiting for the software to get to your computer, the secure gateway will warn you against downloading that file.
3. Reveal the hidden file extensions
You can know if a file is safe or not by checking its extension. This can happen without involving third party software. Most ransomware come with *.EXE extensions. Unfortunately, Window settings may not allow you to view these extensions so you may end up downloading a corrupted file without knowing. To take care of this factor, you need to enable the ability to view the full extensions of the files that you download. This is a low-cost move that will keep suspicious files at bay, and you will only retain those that you can trust.
4. Update your software
In real life scenario, old people are at high risk of being attacked by different types of diseases. This is because their immune system is weak and is not able to fight any disease-causing micro-organism that can pose a threat. The same applies to the computers and their software. Most hackers go for outdated software. Old or outdated software are vulnerable to any form of attack. This is because the hackers take all their time to study its weakness and discover ways to bring the whole system down. An updated version may have new structures and new security features that are not easily penetrable.
After how long should you update your software? The best answer is that you should do it on a regular basis. There is no particular time when the updates should be made. This is because some software vendors are in the habit of releasing new updates after a short period. This could be because they discovered a security risk in the previous version of the software and that’s why they are trying to seal it with the new version. Whenever you see a pop-up sign on your computer screen informing you about the latest updates, don’t close the tab but instead do what the message says. You will be saved from the worst nightmare.
5. Immediately disconnect from the network
There are emergency moves that can help you during the last seconds, just when the ransomware is about to get into your computer system. One of those moves is to disconnect from the network immediately after you suspect that the ransomware is somewhere around the corner. By disconnecting from the network or turning off the Wi-Fi, you would have cut the communication protocol that the malware was using to communicate with the server on the other end. This simple move can render the whole file harmless, and you would have saved the computer from a massive destruction.
The move works on the notion that it is better to be late than never. By using it, you would have saved some files which had not been encrypted. It may not be 100% successful so you should not neglect other methods and use this one.
6. Use the best security suite
One of the methods that can provide full protection to all the computers against ransomware is using reputable security suite. Under this circumstance, an anti-malware can do a perfect job for you. The software will be able to detect any suspicious activity that may be happening in a network and alert you in good time. It can warn you about the status of a particular file and prevent you from opening it. At the same time, the software can scan all the external storage devices that are connected to the computer and detect any signs of ransomware. From there it will execute appropriate actions which include getting rid of the malware.
Another software that can perform a perfect job when used with malware is the firewall. In case the ransomware manages to penetrate through the anti-ransomware, it will still have a daunting task ahead of it, and that’s to pass through the firewall. Most firewalls have robust security mechanisms which can prevent the toughest malware. You should also ensure that your firewall is up to date and it has been properly configured so as to avoid any intrusion by suspicious software.
7. Mark out users who handle sensitive data
In almost all organizations, a small number of people handle the most critical data that need to be highly protected. This could be the data that contains all the secrets of your organization or keeps the business moving. Most hackers and ransomware authors would target this data because they know that you will quickly submit to their demands in case they manage to get hold of it. Ensure that you have enforced a high form of trust authentication on these users. You should also keep a close eye on these types of users so as to ensure that they are not compromised in any way.
8. Deploy security awareness and training
Everyone in the organization regardless of the field of work should be made aware of cyber threats. You should also include all the junior workers or those that you deem harmless. Remember that hackers can use any little chance to get an entry into your organization’s computer. They can simply entice the company secretary to fill details about the company into a form, and once it has been submitted, they will have full access into other computers in the network. The training sessions should be lively and cater for people who have different career backgrounds.
9. Be keen about the messages that you receive
Be wary of the messages that you receive. These include phone texts, emails, and even those that you receive on different social media platforms. You should take extra caution if the message contains some unfamiliar URL links or has a suspicious attachment. In case you are in an organization, educate all the members about being keen with the messages that they receive.
10. Use a MAC
Yes, if you don’t want to get infected with all these crazy malware then simply use an Apple computer. Even though they are very expensive, Mac computers are very reliable machines and they hardly get infected with malware. This is because the Windows operating system is used by more users than the Mac, making the Mac a less interesting target for hackers to exploit. Apple’s operating system, the OS X, has about 5.02% of the OS share market worldwide. However, you should still install an anti-virus on your Mac just to be sure.
Ransomware can set back the financial health of any victim. In case you are using a computer for business purposes, you will have to deal with the lost working hours wasted when your machine was being held as a “hostage”. In case you end up paying hefty fines to the hacker, your financial situation will be directly affected. On the social side, the ransomware can accuse you of very shameful deeds such as watching pornography. If other people happen to see the message, your image may be tainted. Take precaution by putting the above tips into practice.