What is Ransomware and How to Prevent it?
If you follow Technology News, you may have heard the name Ransomware. In 2016, it has become three times as expensive and a serious issue for all. Over the years, Ransomware has emerged as one of the biggest threats to businesses. In recent months, we have seen many serious cases of Ransomware. Now the attackers have started targeting police forces, municipalities, and hospitals. Security researchers have also predicted some more powerful attacks with big impacts. So, you must know about Ransomware. In this article, I will try to explain what is Ransomware and how you can prevent this attack.
What is Ransomware?
Ransomware = Malware that demands Ransom
Ransomware is computer malware that quietly comes into a system and encrypts the data. After the data has been encrypted, the attacker demands payment for giving the decryption key. In a few Ransomware attacks, the attacker has not encrypted the data but restricted access to the system by displaying pornographic images and asking users to pay to get access back.
Many variations of ransomware exist and different variants use different ways to attack. Often the ransomware is distributed using email spam and malicious software.
Also see: Best Books to learn hacking from basics
The history of Ransomware is very old and the first known malware extortion attack, the “AIDS Trojan” was written by Joseph Popp in 1989. Due to the design failure, it couldn’t become a big success but it began a new kind of online attack. This trojan only encrypted the name of files and asked users to pay to “PC Cyborg Corporation” to obtain the repair tool.
The use of public key cryptography for ransom attacks was used by Adam L. Young and Moti Yung in 1996. Their trojan relied on symmetric cryptography but the decryption key could be extracted from the Trojan.
Few notable Ransomware:
- CryptoLocker.F and TorrentLocke
Who are the primary targets of Ransomware?
As you already know, Ransomware encrypts the data and makes it useless until the data owner doesn’t get the encryption key. So, the primary targets are those who have important data in their system. Hackers target business computers and banking computers. These targets can pay a big amount for their data. In a few cases, home computers have also been targeted for a small amount. If your device is connected to the Internet, you are vulnerable.
How to prevent Ransomware
If you do not want to get into trouble because of Ransomware, you must know how to prevent Ransomware from coming into the system. Follow these steps to prevent Ransomware.
1. First of all, you should make a habit of keeping a backup of important data. Cloud storage is the best option to keep your important data safe. If you have a backup of important data, you can easily get data restored from the back and avoid the ransom demand.
2. Install good Antivirus software and firewall. It will help in preventing malware attacks. We have a list of recommended Antivirus.
3. If you are using a Windows system, you can disable files running from AppData/LocalAppData folders. It disallows a particular, notable behavior used by Cryptolocker.
4. Always install security updates on the operating system. Not just operating the system, but also keeping the software installed on your system up to date. Neglecting updates can result in your machine being vulnerable to attackers.
5. Avoid downloading from suspicious websites and clicking on anonymous links on unknown web pages. On your mobile phone, install apps only from the official app store or trusted app stores.
6. Avoid opening email attachments from unknown senders. Most attackers use email attachments as the primary way to distribute malware.
What should I do if I get Ransomware?
In case you got Ransomware in your system and the attacker is asking you to pay, I do not suggest that you pay the ransom. There are a few tools that can help you in decrypting files if it was encrypted by certain ransomware variants. File encrypted by CoinVault and CryptXXX variants can be decrypted by using available tools. If you get success in recovering your file, you can save your money.
In case you couldn’t get data, you should contact law enforcement agencies. use of Ransomware is not permitted by law.
I already mentioned that the use of Ransomware is increasing. Now attackers are exploring ways to target more platforms. Recently, Ransomware attacks were also found on mobile devices. We are also expecting attacks against macOS and iOS devices as well. So, you should not take security lightly and always follow security measures.
Always update your software and system. Install a good antivirus. If you can afford it, you can think of buying the premium version to keep your system safe from cyber attacks.