In the last three months, two massive ransomware attacks spread like wildfire and affected thousand of private companies, public organizations and individuals around the globe.
Ransomware attacks are not new, but the speed of the recent hacking has alarmed security experts. In a few hours, the "WannaCry"malware had already infected victims in at least 99 countries, including Russia, Turkey, Germany, Vietnam, and the Philippines - and is thought to be spreading at a rate of five million emails per hour. It is believed to be the biggest attack of this type ever recorded. It was followed by the Petya ransomware.
Most people are not familiar with the differences between the technical terms virus and malware, or phishing and hacking. Now that a huge ransomware has hit globally, it's time to learn about this latest form of attack.
What is a RansomWare?
A ransomware is a virus used to extort money from unwitting victims. Once it gets into a system, it restricts you from using your PC or mobile device, and from accessing your files. It is programmed to encrypt certain files on the computer and then blackmails the user for money in exchange for the access to the computer or decryption of your files. Any files encrypted cannot be accessed or opened by the victim in any other way unless he gets the key to decrypt the file. Payment is usually done by electronic currency like "bitcoin," which is almost impossible to trace. Payment of this ransom is not a guarantee that you will get full access back, nor does it guarantee safety from similar attacks in the future.
How do I get a RansomWare in my System? A ransomware is not limited to computers. Smartphones and other electronic gadgets and equipment are susceptible to ransomware or any other virus in general. Getting your system infected happens in many ways. The most common form of infection occurs via email attachments or malicious links. Opening such attachments, or clicking on malicious links, installs the ransomware in your system. It then spreads throughout the network, and can even send copies of itself through email, using the contacts listed in your system (like MS Outlook). Virus infection by USB drives are also common but the infection rate is slower and more limited locally.
How can I protect Myself from RansomWare?
There are effective ways to avoid RansomWare attacks, and most of them are actually routine. Here are some of the things you must do (on a regular basis):
Use a reputable antivirus software.There are some free antivirus that you can download. They may not offer full protection, but that is better than nothing at all. Also, free antivirus is better than "pirated" copies of antivirus since the bootleg copies usually have vulnerabilities built into them by the software pirates.
Set up a popup blocker. Since viruses are downloaded from malicious links that pop-up from other websites, it is a good practice to set-up a pop-up blocker. Most internet browsers today have a built-in pop-up blocker but you need to set it up yourself.
Be cautious about clicking links and attachments. If you get an email from an unknown sender, it is better to ignore it or delete immediately. Even if you know the sender, be wary of the contents of the email, especially if it contains links, or if the email itself seems outside the character of the sender.
Stay clear suspicious websites. Keep your browsing habits well within reputable websites. Going further into suspicious websites increases the risk you take. In some cases, you do not even have to click anything on a website, to let that site download malicious software into your PC.
Update your operating system (windows) on a regular basis. It is also better if you schedule your PC to update automatically.
Update your anti-virus and firewall software. Companies developing antivirus are often quick in responding to threats and usually patch their software to prevent further attacks.
Encrypt your hard drive. Encrypting your hard drive yourself will prevent others from doing it, and it's you who holds the password, not some unknown criminal from another country.
Back-up your files often. If you can manage to do so, keep a back-up of your most precious files off line in a separate external drive. An online storage is also recommended.
If you use public wifi often, protect yourself further by masking your IP or using a VPN.
How do I know if my computer is Infected?
You will not miss a ransomware infection since it will alert you that your PC is now a hostage. The display will lock up your browser, certain folders, or the complete system. What access you have left is limited to contacting the perpetrators and providing the "ransom."
You should also be aware that some ransomware are disguised as "real" entities like Mircosoft, Antivirus companies, or even Government entities like the FBI, forcing you to pay an upgrade or fine.
What to do if you suspect your computer is infected?
Disconnect your computer from the network and immediately shut down.
Inform your network operator if the PC is connected to the network. This will help prevent further spread of the virus.
Note the last email, file or website you have opened.
If you must verify that you have a back up of your files offline in a hard drive or online in a cloud, do not attempt to open your files in the same network, but instead go to another network.