What is Ransomware?
Ransomware is a special type of malware that is actively spreading across the Internet today, threatening to destroy victim’s documents and other files. Malware is software—a computer program—used to perform malicious actions. While ransomware is just one of many different types of malware, it has become very common because it is so profitable for criminals. Once ransomware infects your computer, it encrypts certain files or your entire hard drive. You are then locked out of the whole system or cannot access your important files, such as your documents or photos. The malware then informs you that the only way you can decrypt your files and recover your system is to pay the cyber criminal a ransom (thus the name ransomware). Ransomware spreads like many other types of malware. The most common method involves emailing victims malicious emails, where cyber criminals trick you into opening an infected attachment or clicking on a link that takes you to the attacker’s website.
Should You Pay the Ransom?
That is a tough one. The problem is that the more often people pay these criminals when they are infected, the more motivated criminals are to infect others. On the other hand, you may have no other option to recover your files. Be warned though, even if you do pay the ransom, there is no guarantee you will get your files back. You are dealing with criminals; they may not decrypt the files, or even if they do provide you with a decryption method in exchange for payment, something may go wrong during the decryption process or your computer may be infected with additional malware.
How to Protect Yourself?
Perhaps the best way to recover from a ransomware infection and not pay a ransom is to recover your files from backups. This way, even if you get infected with ransomware, you have a way of recovering files after rebuilding or cleaning up your computer. Keep in mind that if your backup can be accessed from the infected system, ransomware might delete or encrypt your backup files. Therefore, it’s important to back up files to reputable cloud-based services or to store your backups on external drives that are not always connected to your system. Be sure to regularly test that your backups are working, and confirm that you can recover the files you need should your system become infected with ransomware.
Moreover, you can protect yourself from ransomware infections the same way you would against other types of malware: don’t get infected. Start by making sure that you have up-to-date anti-virus software from a trusted vendor. Such tools, sometimes called anti-malware software, are designed to detect and stop malware.
As we move into this holiday season keep these tips in mind to make sure you stay safe and secure.
Information provided via SANS