Ransomware Protection Guide

Dear readers,

During the last couple of years, you may have noticed the emergence of a new and very nasty type of computer threat called Ransomware. According to Kaspersky, a computer is infected with ransomware every 10 seconds! In 2017, more than 150 countries were affected by the ransomware variant called WannaCry. It really made a lot of people want to cry as the damage it inflicted is estimated to be over 1 BILLION dollars!

So how does this ransomware work? Let’s take a couple of moments to see how it infects your computer and what it does to you after that.

Stage 1: Infection

Ransomware generally tries to infect your computer in one of two ways. The first is infected email attachments. Using a technique called phishing, hackers can learn about you through your LinkedIn or Facebook accounts, then send you an email making it look like it came from your colleague or friend. This email would contain an infected attachment with a name related to something you would receive from them. By investigating you and your habits, hackers make scam emails more believable and increase the chance that you will click on the infected attachment.

Another way ransomware infects your computer is through compromised or infected web pages. In this case, you may receive an email, a text message on your phone, or even a LinkedIn or Facebook post with a link. This type of message or post is designed to appear legitimate and entices you to click on it, leading you to an infected web page. After that, the ransomware on the page scans your computer for vulnerabilities. If it finds one, the ransomware immediately uses it to infect your computer.

Stage 2: The damage is unleashed

Upon infecting your computer, the first thing ransomware does is scan your computer and all external storage media for files that are important to you. For example, your photos, videos, music, and MS Office files would be great candidates. Once the files are found, either locally or over the network, the ransomware encrypts them with its own secret key. Once the files are encrypted, they are useless to you as their content is rearranged in such a way that your computer no longer understands them and cannot open the files. Note that system files that belong to the operating system are generally left untouched. Encrypting them would render your computer inoperable and prevent the ransomware from continuing to the next step.
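The damage described in Stage 2 leaves a trace you can check for: a photo or document that no longer starts with the bytes its file type requires and whose content looks like random noise. The Python script below is an added example, not part of the original article; the signature table, the 7.5 bits-per-byte threshold, and the sample file names are assumptions chosen for illustration.

```python
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

MAGIC = {  # leading "magic bytes" of file types the article lists (assumed table)
    ".jpg": [b"\xff\xd8\xff"],
    ".pdf": [b"%PDF"],
    ".docx": [b"PK\x03\x04"],
}
ENTROPY_THRESHOLD = 7.5  # bits per byte; assumed cut-off, tune for your own data


def shannon_entropy(data):
    """Bits per byte: close to 8.0 for encrypted data, lower for structured data."""
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())


def looks_encrypted(path, sample_size=65536):
    """True if a known file type lost its signature AND its content looks random."""
    sigs = MAGIC.get(path.suffix.lower())
    if sigs is None:
        return False  # unknown type: nothing to compare against
    with path.open("rb") as fh:
        sample = fh.read(sample_size)
    header_ok = any(sample.startswith(sig) for sig in sigs)
    return not header_ok and shannon_entropy(sample) >= ENTROPY_THRESHOLD


def scan(root):
    """Return the files under root that look encrypted."""
    hits = []
    for path in sorted(Path(root).rglob("*")):
        try:
            if path.is_file() and looks_encrypted(path):
                hits.append(path)
        except OSError:
            continue  # unreadable file: skip it rather than abort the scan
    return hits


def demo():
    """Constructed samples: a healthy JPEG header, random bytes and plain text as .pdf."""
    with tempfile.TemporaryDirectory() as d:
        Path(d, "holiday.jpg").write_bytes(b"\xff\xd8\xff\xe0" + bytes(4096))
        Path(d, "report.pdf").write_bytes(os.urandom(65536))
        Path(d, "notes.pdf").write_bytes(b"plain text, wrong extension\n" * 200)
        return [p.name for p in scan(d)]
```

Both conditions are required because healthy JPEG and DOCX files are compressed and therefore high-entropy on their own. Ransomware that renames files with a new extension will not be caught by this extension-keyed check.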

Stage 3: Ransom demand

Once the ransomware does its dirty work and encrypts all your dear files, a ransom letter appears. The letter explains that your files are encrypted and that, in order to decrypt them (that is, put them back in the order they were in before and make them accessible again), you need to pay a ransom. You see, a simple money transfer would be easily traceable by authorities and hackers would be caught very quickly. That is why hackers came up with a more sinister scheme: using another type of currency called Bitcoin. This currency is legitimate and is used on the web for financial transactions. However, hackers like Bitcoin for its anonymity. Bitcoin transactions are virtually untraceable, making money exchange safe for hackers and untraceable for us. Since most of us don’t have Bitcoin lying around, hackers “politely point” you to legitimate sites where you can buy Bitcoin with your money. They then tell you where to go to pay with your newly purchased bitcoins. In return, the hackers should either send you a key or enable the ransomware’s decryption option so that you can get your files back. The ransom demanded varies, but on average it is around $679 in Bitcoin. To deliver even more bad news, there is no guarantee that after paying, you will get your files back. There have been many reports of users paying and getting nothing in return! Sounds scary, right?

Then what do you do? How do you stop this nightmare?

Solutions

There are several things you may want to do to lower your risk of infection:

Keep your operating system up to date

It is widely proven that most ransomware uses vulnerabilities found in operating systems like Windows 7, 8, and 10. By updating your operating system regularly, you fix those vulnerabilities, so that when ransomware tries to infect your computer, the loopholes are already closed! In Windows, you can set updates to install automatically, and all you have to do is restart your computer from time to time when updates are applied.

Choose and correctly install your antimalware solution

Your protection software plays a very important role in defending your computer from all kinds of malicious software (malware), including ransomware. It can detect malicious behavior and stop it before it can cause significant damage. Maintaining a clean and up-to-date anti-malware solution is absolutely necessary to keep your computer clean and protected.

The Final Frontier of Protection: Backup

It may surprise you to learn that the best protection against ransomware is to be proactive. Instead of trying to recover your computer after it has been infected (which is proving to be more and more difficult lately), simply restore it to a previous state without infection! Keep backup copies of your entire computer on external and protected media. If your computer is hit by a ransomware attack, instead of paying the hackers and praying they decrypt your files, simply restore your computer from the previous backup! There are many backup solutions on the market that will help you back up your computer; however, the current leader is called Acronis. You can make a complete backup of your computer and easily restore it to the previous state when disaster strikes.

Let us know your thoughts and comments in the section below, and good luck!
