How Ransomware Locks Your PC & Holds Your Data Hostage

Ransomware is malware that locks your keyboard or computer, or encrypts your data, so that you cannot access it until you pay a ransom, usually demanded in Bitcoin. The digital extortion racket is not new; it has been around since about 2005. But attackers have greatly improved on the scheme with the development of ransom cryptware, which, instead of simply locking your keyboard or computer, encrypts your files so that they can only be recovered with a private key that only the attacker possesses. Most recently, a global cyberattack spread ransomware to countless computers in over 150 countries.

For cyber criminals to gain access to the system, they need to download a type of malicious software onto a device within the network. This is often done by getting a victim to click on a link or download it by mistake. Once the software is on a victim’s computer, the hackers can launch an attack that locks all files it can find within a network. This tends to be a gradual process, with files being encrypted one after another.
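Because files are encrypted one after another, a periodic scan can notice the first affected files before the rest are lost. The sketch below is an added example, not part of the original article: it flags files whose bytes look random and whose type does not explain that. The function names, the 7.5 bits-per-byte threshold and the small header table are assumptions chosen for illustration.

```python
import hashlib
import math
import os
import tempfile
from collections import Counter

# Headers that a few already-compressed formats normally start with (not exhaustive).
MAGIC = {".png": b"\x89PNG", ".jpg": b"\xff\xd8\xff", ".zip": b"PK", ".pdf": b"%PDF"}

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: near 8.0 for encrypted or compressed data, lower for text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def looks_encrypted(path: str, threshold: float = 7.5) -> bool:
    """True if the file is near-random and its type does not explain that."""
    with open(path, "rb") as fh:
        head = fh.read(65536)
    if shannon_entropy(head) < threshold:
        return False
    magic = MAGIC.get(os.path.splitext(path)[1].lower())
    # A compressed format is expected to be high-entropy only if its header is intact.
    return magic is None or not head.startswith(magic)

def scan(root: str) -> list[str]:
    """Return the sorted relative paths under root that look encrypted."""
    hits = [os.path.relpath(os.path.join(d, f), root)
            for d, _, fs in os.walk(root) for f in fs
            if looks_encrypted(os.path.join(d, f))]
    return sorted(hits)

def demo() -> list[str]:
    """Scan four constructed files; hash output stands in for ciphertext."""
    rnd = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
    files = {
        "report.txt": b"Quarterly totals are attached.\n" * 200,  # ordinary text
        "holiday.png": b"\x89PNG\r\n\x1a\n" + rnd,  # compressed, header intact
        "notes.txt": rnd,                           # text file that became random
        "photo.jpg": b"\x00" + rnd,                 # JPEG header is gone
    }
    with tempfile.TemporaryDirectory() as root:
        for name, body in files.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(body)
        return scan(root)

if __name__ == "__main__":
    print(demo())  # ['notes.txt', 'photo.jpg']
```

Compressed types missing from the header table (archives, video) will be flagged as well, so treat a single hit as a prompt to look closer and a growing list of hits as the real alarm.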

If you have been “hit” you might see a message like this on your screen.

About Ransomware in a Nutshell

What is Ransomware?

Malicious software that locks a device, such as a computer, tablet or smartphone and then demands a ransom to unlock it.

Where did Ransomware originate?

The first documented case appeared in 2005 in the United States, but ransomware quickly spread around the world.

How does it affect a computer?

The software is normally contained within an attachment to an email that masquerades as something innocent. Once opened, it encrypts the hard drive, making it impossible to access or retrieve anything stored there, such as photographs, documents or music.

How can you protect yourself?

Anti-virus software can protect your machine, although cybercriminals are constantly working on new ways to override such protection.

How much are victims expected to pay?

The ransom demanded varies. Victims of a 2014 attack in the UK were charged £500, and sums can go up to US$20,000! However, there’s no guarantee that paying will get your data back.

What is Wanna Decryptor?

Wanna Decryptor, also known as WannaCry or wcry, is a specific ransomware program that locks all the data on a computer system and leaves the user with only two files: instructions on what to do next and the Wanna Decryptor program itself.


How can I shield myself from Ransomware?

  • The best protection against ransomware attacks is to have all files backed up in a completely separate system. This means that if you suffer an attack you won’t lose any information to the hackers.
  • The most common ways of installing the virus are through compromised emails and websites, so exercising caution when accessing websites and clicking on unknown emails can help. Cyber attackers need to download the malicious software onto a computer, phone or other connected device.
  • IMPORTANT: Do NOT click or open “suspicious” emails or visit “shady” websites or download software/files from “unauthorized or illegal” websites.
  • Watch out for phishing / spear phishing emails that look like legit emails. Phishing emails take you to links on malicious websites that can surreptitiously download a virus to your computer.

  • Downloading a bad program or app, and visiting a website that is displaying malicious adverts can also result in an infected device.
  • The best way to protect yourself is to be suspicious of unsolicited emails and always type out web addresses yourself rather than clicking on links. Another key defense is antivirus programs that can scan files before they are downloaded, block secret installations and look for malware that may already be on a computer.
  • IMPORTANT: Make sure that your anti-virus is updated!!
  • Finally, make sure that your computer’s operating system is up-to-date with the latest security updates and patches.

About | Spear phishing

“Phishing” is the practice of sending out emails that purport to be from a well-known source, such as a major bank or utility provider. Clicking any links will take you to a fraudulent site that will harvest any login details you put in and may install malware on your device.

“Spear phishing” is a more targeted version of the above; emails will address you by name and may appear to come from someone senior within your organization, or from your email provider warning you to change your password.

A 2016 study has shown that some 56 per cent of people will fall for a spear phishing email and click on the links they are sent.

Cybercriminals can gain lots of personal, private, confidential and important information from your PC, so make sure you do everything you can to guard against data leakage and theft!!

Stay safe online and when in doubt ask and seek help!!

Johnson K. Jacob

 
