In a typical hostage situation, the kidnapper is usually brandishing a gun or knife, sneering threateningly, "Your money or your life?" However, in recent years, a new type of threat has emerged, and a new ultimatum is being issued: "Your money or your data?"
This new threat is known as ransomware, and it's becoming increasingly popular amongst cyber criminals as an effective way to extort money anonymously from victims. In fact, this threat is so prevalent that the FBI has projected that $1 billion would be lost to ransomware attacks, in just 2016 alone. (To give you an idea of just how much $1 billion is, you can purchase two brand new Boeing 747-8 planes and still have almost $300 million to spare!)
So what exactly is ransomware, and how does it operate? It is a malicious software that allows hackers to restrict access to an individual's or company's important data, and then demand payment to lift the restriction. Once executed on a computer, the malware begins its campaign of terror by encrypting the user's files. The user will be locked out of his or her computer, and a ransomware screen will appear.
Usually, users have to pay a ransom (which can range from a few hundred to tens of thousands of dollars) to get a decrypt key. If the transaction is not completed within the specified time, the hackers will carry out their threat of deleting your files permanently.
Here is an example of what a ransom note may look like on an infected computer:
At this point, you may be wondering, "Why would people pay a malicious hacker hundreds of dollars to fix the problem?" By restricting these files with a strong encryption (2048-bit or more), the hackers have rendered the files irrecoverable unless the decryption key is obtained. Without it, the decryption process can take years. This is because such decryption requires very specialised expertise, and many victims do not know who to approach for help. This leaves the victims with only two options – pay up (thereby funding the activities of the criminals who hacked into their system), or lose their data forever.
Ironically, most of these ransomware crooks operate on a model of "good customer service" (if you can consider it a service), meaning they usually keep to their promise of providing the decryption key once the victims pay the ransom in bitcoins. Thus, most ransomware victims often yield to the hacker's demands in order to regain access to important company information, or even photographs with high sentimental value. Because the payment is made in bitcoins, the hackers remain anonymous, making it difficult for them to be caught by the authorities. In fact, some hackers are audacious enough to even hack into police stations and demand a ransom!
Cyber criminals carry out attacks indiscriminately – whether the target is a business, hospital, school or just the average Joe with a computer. Hence, it is important to protect your computer system from ransomware attacks. After all, the best way to manage malware is to avoid getting hit in the first place.
Here are three things you can do to protect yourself:
1. Follow the Best Practices of Internet Browsing to Stay Safe Online
Exercise caution when surfing the Internet, and avoid opening and downloading unsolicited file attachments from people you don't know. These attachments may contain malware that can infect your computer. Besides that, do not download any software from unofficial or disreputable sources. Such software, especially the pirated ones, may have ransomware or other malicious software bundled with it.
2. Update Your Software Regularly
Some types of ransomware operate by exploiting software vulnerabilities in the operating systems. To prevent such attacks, keep your operating system and all other software updated regularly. It would also be helpful to install an anti-virus software, and keep it updated. Perform a scan of your computer once a week, and scan all of your received files and the removable storage devices that you connect to.
3. Perform File Backups Regularly
Ransomware leverages on scare tactics by holding your data ransom. By backing up your files regularly, you can reduce the impact of a ransomware attack and facilitate the recovery process. As an additional precautionary measure, you should also make sure that your backups are stored offline, or are disconnected when in use.
While there seems to be no straightforward technological solution to warding off ransomware yet, the upside to the situation is that you can dodge these computer kidnappers by taking precautionary measures. At Quann, we are passionate about security. We provide training and awareness programmes to equip your employees with security know-how so as to protect your business against growing security risks and compliance missteps.