The Basics of Ransomware Attacks

The Basics of Ransomware Attacks

Security firms are this week warning about a sudden “huge” surge in junk email messages containing ransomware.

What Is Ransomware?

Ransomware is a type of malware that takes your computer for ransom and will deny you any entry or access to your computer. Perhaps the most frustrating part for the owner of the computer is that not only can they not access their computer files, but they have to pay a ransom for the restriction to be removed. A good (or bad) example of ransom malware is the Trojan horse malware named cryptoLocker. This will encrypt your files and folders hold them hostage until you pay a ransom. Once paid, the criminals remove the malware from your system and it runs as usual. This type of attack is extremely infuriating, but it has been described by many as ‘The Perfect Crime’, because it starts with a simple email.

How Does My Computer Become Infected With Ransomware?

Like other computer viruses, it can find its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it; most commonly it arrives in the form of a phishing email, or spam, or a fake software update – and the recipient clicks a link or opens an attachment. Trouble will begin the moment you click on a malicious mail attachment from a new or suspicious source. In some cases, the trouble might be a link that comes within the mail. The virus then sets to work encrypting the user’s files; it’s a malicious virus that locks the user out of their computer and demands a fee to return their files. Security experts have warned that ransomware is the fastest growing form of computer virus. Ransomware typically propagates as a trojan, entering a system through, for example, a downloaded file or a vulnerability in a network service. The program then runs a payload, which typically takes the form of a scareware program. Payloads may display a fake warning purportedly by an entity such as a law enforcement agency, falsely claiming that the system has been used for illegal activities, contains content such as pornography and “pirated” media, or runs a non-genuine version of Microsoft Windows. It is also easy for you to spot this kind of malware. They all have recognisable features, so they can be easily spotted, often there will be a type of ‘call to action’ within the text. This could surface as ‘READ THIS’ or ‘REPLY STRAIGHT AWAY’, if you read the email and it has a sense of urgency about it, it is best to just delete it, you never know – it could be a Trojan horse waiting to be let in. These types of viruses also hang out around funny websites, and social networks – so you must be on your guard at all times.

What Can I Do to Avoid Ransomware?

  • Regular users should be educated on the rise of cybercrime
  • Antivirus software should be updated on a regular basis and enabled at all times so that protection runs 24/7.
  • Make it possible for the system to receive automatic updates from Sophos Update Manager
  • Do not be reckless when opening any mail, if it looks dodgy it probably is..
  • Watch out for warning signs
  • Firewalls should always be enabled
  • Don’t click on suspicious links

What Do I Do If Ransomware Has Locked Me Out My Computer

Due to the nature of this malware it is always best to seek professional help. IT professionals are your best hope in successfully removing the malware from the computer. Sometimes Anti-Virus software isn’t enough to protect yourself and your computer from external threats. This type of malware cannot be flushed out the system simply by conducting a full system scan. At this point it is likely that files will have been encrypted. Many companies like Sophos have created decryption tools which can help; but ultimately you should seek support and advice from an IT professional immediately.

Conclusion

It doesn’t matter if you are just a computer owner, a small business or a large business – nobody is going to want their computer to be taken hostage. If your computer is fully secure and protected at all times then there should be no reason for you to part with any money whatsoever. The bad news about this is that you can’t stop cybercrime like this, and Ransomware is just one type of cybercrime, but by keeping it protected you will be able to keep the cyber-criminals at bay. To avoid falling victim, companies should ensure that their security protection is up to date and should regularly back up their data so it can be restored in the event a machine does get infected. If you have any questions or concerns over your current security and or backup systems, please contact us for advice or to discuss any of our IT support services.

Recent Posts