Ransomware is a type of malware that prevents or limits users from accessing their system. This type of malware forces its victims to pay the ransom through certain online payment methods in order to grant access to their systems, or to get their data back. Some ransomware encrypts files (called Cryptolocker). Other ransomware use TOR to hide C&C communications (called CTB Locker).
The ransom prices vary, ranging from £16 ($USD 24) to more than £425 ($USD 600), or even its bitcoin equivalent. It is important to note, however, that paying for the ransom does not guarantee that users can eventually access the infected system.
Users may encounter this threat through a variety of means. Ransomware can be downloaded by unwitting users by visiting malicious or compromised websites. It can also arrive as a payload, either dropped or downloaded by other malware. Some ransomware are delivered as attachments to spammed email.
Once executed in the system, a ransomware can either (1) lock the computer screen or (2) encrypt predetermined files with a password. In the first scenario, a ransomware shows a full-screen image or notification, which prevents victims from using their system. This also shows the instructions on how users can pay for the ransom. The second type of ransomware locks files like documents, spreadsheets and other important files.
How to protect your computer from ransomware
- Make sure you have updated antivirus software on your computer
- Ensure that you have malware protection as well as anti-virus software on your computer. (Some anti-virus products have a malware checker embedded)
- Don’t open emails from addresses you don’t know
- Hover over links before you click on them, if you think the address is suspicious, don’t click
- Enable automated patches for your operating system and web browser
- Have strong passwords, and don’t use the same passwords for everything
- Use a pop-up blocker
- Only download software—especially free software—from sites you know and trust (malware can also come in downloadable games, file-sharing programs, and customized toolbars)
- Don’t open attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an unsolicited e-mail, even if you think it looks safe. Instead, close out the e-mail and go to the organization’s website directly
- Use the same precautions on your mobile phone as you would on your computer when using the Internet
- To prevent the loss of essential files due to a ransomware infection, it’s recommended that individuals and businesses always conduct regular system back-ups and store the backed-up data offline.