Any victim of ransomware will recognize these five words. It’s often accompanied by a fake FBI or police logo and a threat of a prison term of “four to twelve years” if the victim doesn’t pay a sum to unlock the PC. The threat of imprisonment is obviously a fake, but the inability to access one’s computer files is real.
Ransomware attacks are growing at an alarming rate, and Windows home users continue to be the biggest victim group. In comparison to businesses, home users are less likely to use security software or keep up-to-date backups of valuable data, making their computers more vulnerable to attack.
How Ransomware Works
The majority of attacks start with an email that includes a link or attachment that looks legitimate, and are often part of a social engineering scheme. From an end-user perspective, ransomware works in the following way:
+ User clicks on ransomware link or attachment
+ Ransomware message is deployed from other infected computers
+ Ransomware payment screen appears
The attacker then demands payment to unlock files. (Bitcoin is generally the requested form of payment as it’s near impossible to trace.) An estimated $24 million was spent on ransomware payments last year, and an average ransomware payment demand has doubled to $678 over the past two years. Once a payment is made, the attacker promises to send an encryption key to unlock the files.
Three Types of Ransomware
Let’s look at the three types of ransomware currently being circulated, and some common-sense solutions to prevent attacks.
What it Does: Locks the victim out of the operating system, making it impossible to access the desktop and any apps or files.
Examples: Police-themed or Winlocker
What it Does: Incorporates encryption algorithms designed to block system files.
Examples: CyptoLocker, Locky, CryptoWall
What it Does: Infects unpatched servers and encrypt files stored on computers networked to the infected server.
Examples: SamSam, Samas
Take Steps to Stop Ransomware
- + Never open emails from unknown senders
- + Never download attachments from spam emails or suspicious emails
- + Never click links in spam emails or suspicious emails
- + Ward off infections by using reliable, paid antivirus products (generally $50 to $80)
- + Keep your operating system up to date, including the latest security updates
- + Use an ad blocker
- + And always, always backup you files using an external hard drive and/or in the cloud
Mac Users Beware
Ransomware groups have largely ignored Mac users, but that changed in March with the release of KeRanger, which targeted Mac OS X users.
You’re a Victim. Now What?
Experts say to never give in to the ransom demands. Paying the ransom is no guarantee that online criminals will actually give you the encryption key. Also, you’re contributing to the problem by further financing their scams.
Computer repair shops should be able to fix your problem. A quick survey found costs for virus and malware removal was generally $80 to $125, with a full system restore, data backup and the installation of antivirus software running from $150 to $200. This, along with reduced productivity, is the high cost victims pay for ransomware. By some estimates, repair jobs alone account for almost a $1 billion annually.
As it is with your own health, prevention is the best medicine when it comes to your computer. Take the steps outlined above to keep your PC free of ransomware.