Security firms are this week warning about a sudden “huge” surge in junk email messages containing ransomware, but what is ransomware? Ransomware are computer viruses that threaten to delete your files and data unless you pay a ransom.
Like other computer viruses, it can find its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it; most commonly it arrives in the form of a phishing email, or spam, or a fake software update – and the recipient clicks a link or opens an attachment. The virus then sets to work encrypting the user’s files; it’s a malicious virus that locks the user out of their computer and demands a fee to return their files. Security experts have warned that ransomware is the fastest growing form of computer virus.
Ransomware typically propagates as a trojan, entering a system through, for example, a downloaded file or a vulnerability in a network service. The program then runs a payload, which typically takes the form of a scareware program. Payloads may display a fake warning purportedly by an entity such as a law enforcement agency, falsely claiming that the system has been used for illegal activities, contains content such as pornography and “pirated” media, or runs a non-genuine version of Microsoft Windows
To avoid falling victim, companies should ensure that their security protection is up to date and should regularly back up their data so it can be restored in the event a machine does get infected.