By Andy Browne, malware labs director at Lavasoft
As technology and Internet-ready devices continue to become central to our everyday lives, hackers are finding more channels and new ways to gain access to the personal information of unsuspecting targets. From individuals to huge corporations, no one is safe from cybercrime.
In November 2014, Sony Entertainment’s business came to a halt after becoming the victim of a massive ransomware attack.
Ransomware is a growing cybercrime trend in which hackers essentially gain control of a user’s computer and demand a ransom be paid. Unfortunately, many people are unaware of the growing threat of ransomware and how their everyday online behavior can be making them susceptible to it.
So, what is ransomware?
Ransomware can come in different varieties and will snake its way through a computer’s operating system in a matter of seconds. From popups claiming to be law enforcement agencies collecting fines to more blatant versions where the victim’s computer is locked and their files will not be accessible unless a ransom is paid, ransomware comes in many stealth forms and can happen to anyone.
Ransomware hackers are not picky when it comes to their target demographic, and their demands are the same for everyone. Additionally, there is no guarantee that paying the fine or doing what the ransomware hackers demand of you will give you access to your PC or files again. This means if you do become the victim of ransomware, your best option is to not pay the hackers, because doing so will likely encourage them to create more advanced malware and in turn target more victims.
The best way to ensure you don’t become the victim of a ransomware attack is to be aware of what these hacks usually look like. The most common types of ransomware include:
- Scareware – This is the simplest form of ransomware. Saying it is the simplest does not mean it is harmless, however. A scareware attack starts off seemingly painlessly when a notification comes up alerting the victim that their anti-virus software has detected a ludicrous amount of potential issues with the operating system, and demands that a ransom is paid in order to have them fixed. This type of ransomware has been found to be the easiest to remove.
- Lock-screen viruses or Winlock– This type of ransomware can be very scary for users as it does not allow you to use your computer in any way. Unfortunately, lock-screen viruses frequently fool users, because they are often accompanied by a legitimate-looking FBI or local law enforcement logo telling the victim they have broken the law and must pay a fine.
- CryptoLocker – This is considered by many anti-virus pros as the worst of the worst. It is defined as computer malware that freezes access to every file, including photos, documents and programs with a secret pass key known only to the hacker. This type of ransomware can be quite difficult to remove using traditional anti-virus software, and may require the assistance of a professional.
Over the years, hackers have become increasingly intelligent and sophisticated, using a multitude of tricks and tactics to demand ransoms. Recently, the most common form of ransomware payment demanded by hackers is through an open-source network called Bitcoin, a relatively new form of currency taken advantage of by cybercriminals.
Bitcoin is public in design, nobody owns or controls it and everyone can take part, so there is no way for the government to track where the money is going once you’ve paid your ransom. If you’re ever asked to pay a fine online via Bitcoin, be extremely wary.
I’ve been hacked—what are the next steps?
“This computer has been locked and will not be unlocked until payment in X amount is made by XX date.” If you are a victim of ransomware, in most cases a message reading something like this will pop up onto your screen. This is a cheap and effective way for hackers to make a pretty penny.
What do you do then? If you are dealing with the lock-screen type of ransomware, you’ll need to download a trustworthy anti-virus system. But downloading the anti-virus alone won’t ensure your protection; you’ll need to continuously update your software to account for constant security patches. Keeping it up-to-date will guarantee the highest level of protection against the most recent online threats.
Backing up your system is the next step, whether it’s on a USB drive or an external hard drive, it’s important to have your files elsewhere if your PC is compromised by hackers. Doing this should be made a habit and it is best to be done at least once per week. Once you’ve completed the back-up—disconnect the external source. The idea here is to keep your backup files virus-free. That way, if you get infected, you’ll have a resource to replace your infected files.
Future prevention
To help you stay protected from the growing threat of ransomware, consider some helpful tips for prevention:
- Download updated and complete anti-virus software.
- Make sure your software is up-to-date.
- Be on high alert for unexpected email attachments, spam and pop-ups.
- Have a pop-up blocker running in your web browser at all times.
If you follow all of these precautionary steps to ensure your computer is safe from ransomware, you will be a much more difficult target for these hackers. The best way to prevent something like this from happening to you and your family is to be as prepared as possible. Ransomware is going to continue to make headlines and grow in sophistication in the coming year. The best way to prevent these types of attacks is to be aware and knowledgeable about their threats.
Andy Browne is the malware labs director at Lavasoft, makers of Ad-Aware, a free antivirus software.