January 6, 2023
Everything You Need to Know About Ransomware and How to Avoid It
Posted by Rhiannon
Cybercrime is a huge problem facing internet users around the globe. One of the most popular types of cybercrime out there is known as ransomware. In this form of attack, hackers sneak malicious software, also called malware, onto unsuspecting users’ devices. The malware quietly encrypts files or programs, making them completely inaccessible to the device owner. When the files are selected, the attack is triggered and informs users that they must pay a ransom for returned access. This method of cybercrime has been around for decades but became especially popular in 2017. It continues to grow today. Already in 2023, a ransomware attack in Canada targeted a SickKids hospital; in a shocking plot twist, the group responsible apologized for the attack and released the data for free. But not all attacks have such a happy ending. To stay safe from ransomware attacks, here’s everything you need to know about ransomware:
- Types of ransomware
- History of the crime
- Who it affects
- How it attacks
- How to stay protected
- What to do if your device is infected
Types of Ransomware
Ransomware is different than other types of cybercrimes. Its main goal is to make money as quickly as possible, whereas many other types of hacks focus on stealing passwords and documents that can be used to exploit individuals and organizations later. According to Kaspersky Lab, there are two main types of this malware that could affect you.
- Locker: The aim of locker programs is to prevent users from accessing vital functions on their devices. They lock out internet access and desktop access, making the device itself largely unusable. While these attacks are incredibly frustrating, they’re easier to defeat than the other method of ransomware.
- Crypto: Criminals also use a method of ransomware called crypto. It works to encrypt files on devices, making them inaccessible. Crypto attacks popularly focus on data-dense documents and pictures because they hold the most value to the computer user. Once the attack encrypts files, a pop-up message appears on the users’ display. Most often, the pop ups demand payment in return for access to their files. Many crypto attacks threaten file deletion if victims don’t pay. They may also claim that the ransom will double if not paid by a deadline.
Everything You Need to Know About Ransomware’s History
The first known instance of a ransomware attack happened in 1989. At the time, it came in the form of a virus that was loaded onto floppy discs. Those discs were shipped to potential victims (most commonly organizations in the healthcare industry). If the floppy discs were loaded onto computers, the virus began tracking how many times the device was booted up. Once it reached 90 boots, the attack was triggered. It revealed a pop-up message claiming that users needed to renew their license by sending hundreds of dollars to a PO box in Panama allegedly belonging to “PC Cyborg Corporation.”
While the early version of ransomware was easy to overcome, it quickly became a popular new branch of crime. Its earliest iterations mostly targeted individual users who didn’t have security measures in place on their devices. Today, ransomware is significantly more advanced and popularly targets businesses large and small. Organizations key to public infrastructure, like healthcare, are especially threatened.
Who Does Ransomware Affect?
One part of everything you need to know about ransomware is that nobody is safe from this type of attack. However, today’s form of the crime most commonly affects businesses. Hackers know that organizations collect personal data about the people they serve. The loss or seizure of this data can cripple entire industries. Businesses often pay the ransom faster in the hopes of returning to normal operations as soon as possible. While large businesses may be targets, ransomware more commonly affects small and medium-sized organizations. They often don’t have the same level of cybersecurity that large corporations are able to afford. Although it has become less popular, ransomware can also affect individuals. In recent years technological advances have enabled these programs to attack desktop computers, laptops, smartphones, and even smart TVs.
Everything You Need to Know About Ransomware and How it Attacks
The people behind ransomware attacks are constantly innovating and adding more and more sinister layers to the programs they create. However, there are still limitations to how ransomware can affect devices in the first place.
- Email Links: One of the most popular methods of sneaking ransomware onto devices is through links embedded in emails. These emails often look legitimate and may appear to come from people you know such as coworkers, financial institutions, and online businesses. Take a look at how to spot spoofed emails here. If you click the link in one of these fake emails, you might allow ransomware onto your device without even realizing it.
- Malicious Websites: Although this is still somewhat uncommon, some ransomware collectives have designed websites that can infect your computer simply by visiting them. Stick to visiting well known sites to avoid accidentally running into this ransomware delivery system.
- Suspicious Program Downloads: While streaming and pirating content through non-official channels is a great alternative to paying an arm and a leg for digital media, ransomware hackers can hide their files in pirated content, opening you up to attacks.
- Injection Attacks: Whenever you connect to the web, you do so through an internet network. If a hacker gains access to your network, they may be able to install ransomware onto your device through the network. This is called an injection attack. It most commonly happens through public wi-fi networks that use a shared password or don’t use a password at all.
How Do You Stay Protected From Ransomware Attacks?
There are a few methods you can use to prevent ransomware from hijacking your devices.
- Be Mindful on All Devices: Because ransomware can attack almost any internet-connected device, don’t assume that you’re safe on a smartphone or even smart TV. Remain vigilant every time you check your emails or go to download something. Sometimes a watchful eye is your best protection against cybercrime. You can also use a program like a secure VPN, especially when you’re on public wi-fi, to give yourself an extra layer of security.
- Be Email Smart: Email download initiates the majority (but not all) of ransomware attacks. Before clicking links in emails, always check that it’s coming from a source you trust.
- Download Only From Official App Stores: Pirated content is cheaper but more dangerous. For apps, stick to downloading from official app stores (like Google Play). In terms of other content, try to stream from legit platforms, such as Netflix, YouTube, and Spotify.
- Keep Devices Up-to-Date: Many ransomware programs prey on outdated operating systems that don’t have current security patches to protect them. By keeping all of your devices up-to-date, you lessen the opportunities ransomware programs have to attack you.
- Use Anti-Virus and Malware Software: Ransomware is smart and not all of it can be stopped by anti-virus or anti-malware software. However, having these measures of protection can’t hurt.
- Back Up Vital Documents: It’s possible for devices to still be infected even if you do everything in your power to avoid it. You can lessen its damaging effects in advance by backing up crucial documents offline (such as on a USB). If ransomware does take over your computer, you can take your time to remove it or ignore it because the files you really need are safely stored elsewhere.
What to do if Your Device is Infected
If you do find your devices infected by ransomware, there are a few steps you can take to free them.
- Find the Cure: While there are incredibly intelligent people using their powers for evil, there are as many people working on the side of good. For every type of ransomware released, someone else is working on building tools to counteract the malware. You can search online for these tools, many of which are free. They can help you “cure” the infected device of the ransomware.
- Delete the Files: In some cases, ransomware only affects specific files on your device. By deleting those files, you might be able to remove the program from your device as well.
- Pay the Ransom: If you are absolutely desperate, you can try paying the ransom in exchange for access. The fees often range from a few hundred to a few thousand dollars. In addition, hackers commonly request them in the form of untraceable cryptocurrency. However, paying the ransom does not guarantee that the person behind the attack will actually release your files or remove the ransomware from your device. They are criminals after all.
Ransomware attacks have stolen millions of dollars from individuals and organizations around the world. Don’t become the next victim of their attacks. Remember our tips for recognizing and avoiding ransomware.
Posted by Rhiannon
More Blog Posts
January 21, 2023
Privacy Tip of the Week: Use Security Questions on Your AccountsSecurity, or password recovery, questions are a tool used by online accounts to verify that the owner of the account is who they say they are. It helps users recover forgotten passwords and adds an extra layer of protection to prevent accounts from being hacked. For any account that you can add a security question […] Read more
December 13, 2022
Privacy Tip of the Week: Have a Safe Holiday Season OnlineFor the last few years, the holidays have looked a little different. The effects of COVID-19 have prevented family get-togethers, restricted travel, changed our shopping habits, and more. While some normalcy has returned this year, there are those still wary of the effects of the illness, and those who forged new traditions during the height […] Read more
November 21, 2022