What comes to your mind when you hear the word ransom? You probably think about someone being held hostage until a payment is made. In the digital world, computers and computing devices can be held ransom. The word “Ransomware” describes any malicious software code that helps a cyber criminal effect the payment of a ransom from an affected user in return for access to their computer or files.
Ransomware is one of the most serious cyber threats of the 21st century. According to the FBI, victims forked out over $18 million in ransom payments between April 2014 and June 2015.
Ransomware restricts access to a computing device (desktop, laptop, smartphone etc) and displays a notification on the screen demanding the payment of a ransom via prescribed method, usually Bitcoin, to regain access to the device.
False Criminal Activity Claims:
Some ransomware will make a false claim that the user is guilty of online criminal activity or immorality. They will demand that the user pays a legal fine via Bitcoin. Users who succumb to this trick usually do so because they feel guilty after visiting illegal porn sites or illegal sites such as torrent download sites. Cyber criminals infect users machines and remotely detect when they visit such sites and then trigger the pop-up notification.
The amounts extorted can vary depending on the complexity of the attack and the creators of the malware but will usually be within the $20 to $600 range. In some cases, it may be much higher especially where the attack is specific to one organization.
Protecting Yourself Against Ransomware:
Ransomware protection is technically challenging and the criminals always seem to be one step ahead of the good guys. The loss of data can be serious and have very personal consequences for anyone who has the misfortune of being attacked. Given the technical challenges of protecting yourself against ransomware and potential for severe losses, the best approach is proactive prevention. The following measures should be taken to protect against ransomware.
First and very important…back up your data. If everyone backed up their data, ransomware criminals would quickly go out of business. This is because you can always get back your data from the backup hence you would have no need to pay the ransom. You would probably just be inconvenienced by having to reformat your computer but that’s about as far as your losses would go
Secondly, install anti-malware software and with real-time malware scanning. There are several good products on the market and they aren’t free.
Third, avoid opening emails from people you don’t know. If someone you know sends you a suspicious looking email with an attachment or link, contact them first and verify they actually sent it. Their computer could have been remotely hijacked without their knowledge.
If you notice a suspicious process running on your PC disconnect the Internet instantly. If you are fast enough, you may stop some types of ransomware that need to “dial home” to complete the encryption process.
Please take note that you should never pay the ransom despite your circumstances. Paying the ransom only encourages further perpetration of the crime. It also isn’t a guarantee that you will regain access to your computer. Seek the help of a computer professional and report the crime to law enforcement.