Ransomware: What You Should Know


Kristy McDaniel Baia

The original ransomware was rudimentary. You were surfing the Web or checking your email when suddenly your screen froze on a frightening message from the FBI. Your IP address had been involved in some sort of illegal online activity, and the FBI was giving you 24 hours to pay the fine, or they were going to arrest you. Then netizens wised up and realized those warnings were bogus. The FBI started issuing reminders that there is a thing called “due process,” and it pretty much guarantees that they would never fine a suspected criminal without a trial, let alone via a pop-up advertisement.


Many security experts believed that as computer users became savvier and stopped being so gullible online, ransomware would disappear. However, the cybercriminals became savvier too. Today most ransomware is still delivered via a Trojan, either by downloading it in an email attachment or by clicking on a malicious link on the Web, and it comes in two main types: lockscreen and file-encrypting.

Just as it sounds, lockscreen ransomware completely locks your screen with some image, like the rudimentary FBI warning, and demands you pay a ransom to have the image removed. Depending on the level of sophistication, it may be possible to remove it without paying anything, or by taking the computer to an IT repair shop.

File-encrypting ransomware, however, is not as easy to remove. Once the malicious command has been executed, your files are encrypted and the only way to unlock them is if you have the key, which you don’t. Guess who does have the key—and will give it to you—for a nominal fee.

Of course, if you never want to have your files stolen or your screen locked, there are a few simple preemptive steps you can take to completely prevent this mess from happening.

Back up your files. It’s pretty simple: if you have two copies of that budget report that took you two weeks to create, and someone steals one of them and demands you pay him $500 to get it back, you still have one copy. That means you don’t have to choose between paying a steep ransom and starting from scratch.

Run regular software and hardware updates. This will be engraved on our tombstones because we say it so often. Software and hardware updates often contain security patches for the holes that malware, like ransomware, wiggles its way through. The best type of regular software updates are automatic ones, but if that’s not feasible, at least set up notifications to let you know when the latest update is available. Then set a maximum number of “snoozes” you allow yourself for each update.

Have layered, redundant security. As we mentioned earlier, ransomware is often delivered via an email attachment or malvertisement on the Web. By having email and Web protection, you can prevent ransomware from ever entering your network.

If you’ve been the victim of a ransomware attack, and you’re contemplating paying the ransom, keep in mind that the only reason these thieves keep making these attacks is that people are paying them. If all of the victims stopped paying ransoms, the thieves wouldn’t have a successful business model, one whose core objective is to steal your money, mind you. And these thieves often are associated with larger criminal organizations, which use your money to fund their illegal activities. So back up your files, update your software and hardware, and have layered, redundant security, and you won’t find yourself in this predicament.