Ransomware is one of those cyber security terms that a lot of people have heard of but not so many people are familiar with – until it’s too late!
So what is it and what should you know?
In essence, ransomware are forms of malicious software which are used to target potentially valuable and precious computer files. They gain access to these files and then encrypt them in ways which mean they can’t then be accessed by the people or the organisations to whom they belong.
Of course, whoever is behind the software isn’t doing this just to be a source of frustration, although their actions can certainly have that effect – they ultimately want to hold those files to ransom and receive a pay off before they unencrypt and release the files.
Typically, a ransomware attacker will insist that an amount of money be paid to them before they’ll send out a code which can then be entered into the relevant system and the files are released.
If you’re being held to ransom in this way as an individual then the chances are that the amounts involved won’t be huge but if you get caught up in a ransomware attack as a business then the impact can be much more costly.
A key part of the strategy for the cyber criminals behind ransomware attacks is to be stealthy and to sneak their way onto your computer or your network without being noticed.
There are lots of different ways in which the ransomware can sneak its way onto a machine. It could be through a malicious online advertisement, a hijacked website or blog page or through an infected email.
The problem for the targets and the victims of ransomware attacks is that they are so exceptionally sneaky because they’ve been engineered with the specific aim of going undetected.
Usually, once the malicious software has made its way on to your system or machine, it will sit quietly in the background for a while before revealing itself. So it has time to access and encrypt your files before it starts holding them to ransom.
Encryption is carried out using a “key” which is a long random string of numbers a letters, a little like a password “on steroids”. The only place a copy of this key is stored is on the criminal’s server and without it your files cannot be decrypted. And the only way to get the key is to pay the ransom.
Making the payment
Because traditional bank accounts and cash transfers are easy to trace online, the criminals behind ransomware attacks usually demand their payments in Bitcoins, which are a form of digital currency that makes it difficult to trace where your funds will end up.
So the likelihood is that once you’re in the position of having suffered a ransomware attack, it will not be easy at all to avoid paying the price that’s being demanded if you ever want to regain access to the files that have been encrypted.
There is usually a timeframe involved as well, with the ransomware designed in ways that mean it will threaten to and be capable of deleting the decryption key, effectively rendering your files irrecoverable if you don’t pay up quickly enough. The problem though of course is that you will have had to part with a certain amount of money under duress in order to make that happen, which is hardly an ideal situation. What is worse is that even if you pay the ransom, there is currently only a 25% chance you will receive the decryption key. These are criminals, so customer service is not an essential part of their remit.
Protecting yourself against ransomware
The anti-virus option – Having a good quality anti-virus/anti-malware/internet security system setup on your computers at all times is always advisable and it can go a long way towards protecting your files and any valuable content you might have on your PCs or laptops. Unfortunately, ransomware is often clever and complex enough to effectively disable this protection and sneak in undetected before encrypting your data and demanding a Bitcoin payment.
The external hard drive option – Storing important documents and data on an external hard drive can mean that you’ll be able to access files that a ransomware attack might target and try to ransom you in relation to. The problem with this approach though is that as soon as you forget to keep your stored files up to date, even for a few days, then you’ll be back to being vulnerable to the kind of ransomware attacks that can spring up and potentially cost you significant sums of money.
It is also possible for malicious software to make its way onto your external hard drive and encrypt the data you’ve been storing there as well, which again makes you vulnerable to a well-executed ransomware attack. This is especially true if you always leave the external drive connected and don’t have more than one drive that you swap over regularly.
The cloud backup option – By far the best way to ensure that you are able to avoid falling victim to an effective ransomware attack is to make use of cloud backup solutions. These solutions are designed to automatically back up all your computer files to a cloud storage system on a routine and completely reliable basis. In doing so they relieve you of the need to actively remember to save your files and your data but you can rest assured that you’ll be able to access your files from anywhere without needing to worry that you’ll be held to ransom by unknown cyber attackers.
It’s true that cloud backup options are more expensive in the short term than using external hard drives or anti-virus software but if you’re concerned about the potential consequences of a ransomware attack then whatever amounts you invest in these should be considered money very well spent.