What is Ransomware and how do we prevent it?

Is there anything more frustrating and problematic than being locked out of your own house or car; or more to the point, your own computer, tablet or phone? It’s annoying enough if we ourselves do the locking out – losing the keys or forgetting our passwords, but what if an outsider – an attacker, purposely and maliciously locks you out? In today’s world, few possessions are as integral to the flow and success of life than the devices we use to communicate with and connect to the world at large, and unfortunately few other possessions are as easy a target for criminals to hold ransom than our computers, tablets and/or phones. Ransomware!

Ransomware is a form of malicious software (or malware) that, once it’s taken over your computer, threatens you with harm, usually by denying you access to your data. The attacker demands a ransom from the victim, promising — not always truthfully — to restore access to the data upon payment via a cryptocurrency (like Bitcoin) or credit card.

There’s no denying that cyber crime – like ransomware, is getting worse every year. With a staggering jump of 3.8 million records breached in 2010 to 3.1 billion in 2016 it doesn’t seem like organisations’ security functions are keeping up. So, where did it all start?

The first ransomware attack was reported in 1989. The victim was told to pay USD $189 via snailmail in order to receive a repair tool. Nowadays, a lot of companies would have been happy to pay $189 – especially the South Korean company ‘Nayana’, which had to pay approximately $1 million in a ransomware attack earlier this year- the largest payment to date for a ransomware attack.

How does ransomware it work?

There are several different ways that ransomware can infect your computer. One of the most common methods today is through phishing attacks, which is an unsolicited email that is used to deliver malware. The email might include booby-trapped attachments, such as PDFs or Word document. It might also contain links to malicious websites. Phishing uses social engineering in order to trick people into opening attachments or clicking on links by appearing as legitimate—whether that’s by seeming to be from a trusted institution or a friend. Another popular infection method, which reached its peak in 2016, is malvertising. Malvertisin,or malicious advertising, is the use of online advertising to distribute malware with little tono user interaction required. While browsing the web, even legitimate sites, users can be directed to criminal servers without ever clicking on an ad. These servers catalog details about victim computers and their locations, and then select the malware best suited to deliver. Often, that malware is ransomware.

How to prevent ransomware

There are a number of defensive steps you can take to prevent ransomware infection. These steps are of course good security practices in general, so following them improves your defences from all sorts of attacks:

Keep your operating system patched and up-to-date, to ensure you have fewer vulnerabilities to exploit.
Don’t install software or give it administrative privileges unless you know exactly what it is and what it does.
Install antivirus software, which detects malicious programs like ransomware as they arrive, and whitelisting software, which prevents unauthorised applications from executing in the first place.
And, of course, back up your files, frequently and automatically! The most effective form of prevention — for businesses or individuals — is to back up files. If data is backed up regularly to an external source, a computer can be reset to its factory settings and then the backed-up files can be reinstalled, essentially wiping the ransomware from the system. Ransomware worms are easy for hackers to modify so even if a fix is found for one bug it won’t necessarily safeguard against a future attack.