What You Need to Know About Ransomware
Imagine you're a small business owner running your business from a home office. One day, you turn on your computer and find that all your important files and documents are locked and inaccessible.
A message pops up informing you that your files are encrypted and that in order to access the decryption key, you must pay a ransom. If you don't pay the fee by a certain date, the ransom will double, and if you don't pay it by a final date, the key will be destroyed and your files will be lost.
This malware, commonly known as ransomware, can devastate businesses and individuals by putting sensitive information at risk. Cyberthieves obtain access to your device through a phishing email or a weak spot in the security of your web browser. Then, instead of trying to sell your information online, the thieves lock your information and try to sell it back to you.
CryptoLocker, one of the most successful versions of ransomware, was dismantled last year in an international law enforcement effort dubbed "Operation Tovar," and there's now a website where victims can go for help in recovering their files. However, new strains of the malware have been developed and are actively trying to extort ransom money from businesses and individuals.
How hackers can gain access to your files
In order to lock your files, cyberattackers must first infiltrate your system. They can use spam attacks and pop ups and infiltrate vulnerable outdated browser plug-ins or unsecured networks in order to gain access to your files. Once hackers have accessed your system, the ransomware scrambles the files. Some victims report that their browser is also locked by the ransomware.
While some variants of ransomware target businesses, individuals are also at risk.
"The rule of thumb for criminal financial operations online is to cast a fairly wide net," says Nicolas Christin, a professor of electrical and computer engineering at Carnegie Mellon University.
"You want to maximize exposure so that you get a certain amount of people to pay out," he explains.
If you're a victim you will likely only have two options; pay the ransom, which typically ranges from $300 to $500,or give up your files forever. Most variants are difficult to unlock, if they've been encrypted properly.
"They use the same encryption you use to connect to your bank; it's very strong," says Christin.
In 2013, victims paid out almost $30 million to CryptoLocker to retrieve their files. Even after you pay, there's no guarantee you'll get your files back, Christin says. The only solution to ransomware is prevention.
How you can help to better protect yourself
While ransomware is a serious threat, you may not have to give into the demands of the cyberthieves if you take the precaution of backing up your files.
"Backups are the most straightforward solution," Christin says.
Christin recommends backing up your files daily. You can use an external device—even something as simple as a flash drive—but be sure you only connect it to your computer while you're performing the back up and remove it when you're done. If the device is left plugged into your computer at all times, then your drive could get infected and your backups will be useless. You can also use cloud storage to back up your files, Christin says.
You can also help prevent a ransomware attack by keeping your network secure. Avoid clicking on links in emails or pop-ups—even clicking "no" on an advertisement can put you at risk. You may want to enable "safe browsing mode" when you're using a search engine. This will scan for malware on websites in the search results.
You should also update your browser and browser plugins, as the newer versions come with enhanced security measures. It's important to keep your antivirus and computer systems up to date.
"Run updates and install new versions of your software, browsers, and plugins as soon as they come out," Christin says. A patched system can help protect you from malware or websites infected with malware that may try to attack through your browser.