What is Ransomware?

Ransomware is malicious software that threatens to publish the victim's data or personal information or perpetually block access to certain data unless a ransom is paid. More simple ransomware may just lock the system while more advanced malware of this type uses a method called crypto viral extortion where it encrypts the victim's files and data, then demands a ransom payment to decrypt them. Most ransomware attacks require that the ransom payment be sent via crypto currency as this is a more difficult method of payment to track and take legal action against.

While there are several different ways that ransom malware can infect your computer, the most common method is through malicious spam. This is a kind of unsolicited email that mimics sales or other emails very common in the consumer marketplace or they look like an unusual personal email that is used to deliver malware. The email will usually include attachments like PDFs or Word documents that could have hidden malware in the file. These malicious spam emails may also contain links to websites that when clicked queue the delivery of malicious software.

The five types of ransomware are crypto malware, lockers, scareware, doxware, and RaaS. As we mentioned crypto malware is a type of ransomware that encrypts the user's files and demands a ransom. Lockers are a type of ransomware and is known for inspecting the operating system and completely locking the user out of the computer, making it impossible to access any files. Scareware is a type of malware that looks like an antivirus or cleaning tool. Independent claims to have found issues on your computer, and asks for payment to resolve the issues. Some types of this software lock the computer or cause a large number of alerts or pop-up messages. Doxware threatens to publish stolen information online unless a ransom is paid. This type of software steals sensitive personal information from computer files or personal photos and then ransoms their release. RaaS or “ransomware as a service” is used by hackers who offer targeted ransomware in exchange for their cut of the ransom.

So what can you do to prevent yourself becoming a victim of ransomware? Many ransomware programs evade detection by antivirus software. Even if an attack is caught in the early stages there could possibly be plenty of damage done. The best way to ensure no data is lost in an attack is to maintain off-line backups. Basic training of employees to avoid unknown email file attachments and to prevent any tendencies of clicking on down links goes a long way towards preventing attacks of this type. Preventative measures should still be taken as antivirus and anti-phishing software can detect and prevent many attacks.

Your managed services provider will take security measures and advise your staff on how to prevent infection or deal with a ransom malware issue.