Ransomware: Holding Data Files Hostage

You’ve probably heard the term “ransomware” on the news several times in the last few months. What is ransomware? It’s a combination of the terms “ransom” and “malware.”

Malware = malicious + software

Software is any kind of program that runs on a computer or electronic device. Malicious software is, like it sounds, bad. Many different programs and files that negatively impact your computer, such as viruses, Trojans, worms, phishing scams, and potentially unwanted programs (PUPs) fall under the banner of malware.

Ransomware = ransom + malware

Ransomware is a particular form of malware, which, like its name suggests, demands a ransom to rid the computer of this malicious software. A user might unknowingly click on a link and download a ransomware executable (.exe) file that hides itself on the computer and begins to encrypt the user’s files. Encrypting the files is like putting a lock on them that only one key, a decryption code, can open. The creators of the ransomware are the only ones who have that key, and there’s no other way to decrypt or “unlock” the files except with that key.

Once all of the files on your hard drive have been encrypted, a screen will come up alerting the user to the fact that the files are locked. It also provides instructions for paying the ransom to get the key that will decrypt the files. Paying the ransom does not guarantee access to the key and the restoration of files, but once these data kidnappers receive their money, they often do provide the decryption key. It’s up to the user to decide if the value of data outweighs paying Internet thieves.

Latest Ransomware Variant

In the latest Petya or GoldenEye ransomware virus, there is a further nasty twist. Rather than just encrypting files themselves, the entire hard drive on a computer is encrypted. Once the encryption process is complete, the computer reboots with a lock screen that prevents you from accessing Windows, denying access to all of your programs and files. In some earlier strains where only files were infected, the operating system still technically functioned. With Petya, unless you pay the ransom, your hard drive will need reformatting or replacement. In that case all your data will be lost. You can read more about Petya here.

Ransomware and Hostage Businesses

Losing files or the functionality of a computer is always a hassle, but ransomware attacks like WannaCry and Petya are especially disastrous for businesses. Average residential users can also contract these viruses, but businesses are a main target because they are more likely to be able to pay to get back in operation. When these encryption viruses hit, they spread through any mapped drives and entire networks. If one employee downloads an infected email attachment and introduces the virus to their computer, it doesn’t just stay there. It can spread throughout an entire network, taking down a server or hundreds of workstations. That could put the company at a standstill and compromise critical data. Ransomware leaves organizations like hospitals, huge corporations, and government agencies with little choice but to pay the ransom to retain patient or customer files and get back to work.

Preventing Malware

Follow the same basic tips we always suggest for preventing all kinds of viruses. Check to make sure you’re covering your bases with these ABCs of security:

  • Antivirus installed and updated. Check to see if your antivirus program provides any protection from ransomware and encryption viruses.
  • Back up data regularly. Multiple backups are best.
  • Carefully browse online. Stick to known and secure websites.
  • Don’t download unknown attachments or click unknown links in emails. This is the most common way ransomware attacks begin.

 
