Ransomware is a nasty bit of malicious software—malware for short—that encrypts files and documents on either one computer or a network of computers and servers. Once the victim’s network is encrypted, the hacker will only let them regain access to their network in exchange for a ransom or sum of money.
The Hack Attack
Step 1: A hacker infiltrates your computer. The most common ways ransomware enters computer networks are:
- Email—Phishers will trick people into clicking on a malicious link that redirects them to a fake login page or a suspicious email attachment that will infect the computer with malware.
- Vulnerable software—People with malicious intentions can find holes in any software that’s not properly protected. They do this by overrunning the system with commands until it's forced to fail and give them access without them even needing to harvest credentials.
- Pirated software—it presents itself as a safe app or program, but is actually a virus. Once downloaded, it infects the user’s device.
- Removable devices like a USB drive—hackers will infect a device in the hopes that the victim will plug that device into a computer.
Step 2: The hacker encrypts as much of your data as possible. Essentially, the malware enters the computer’s IT infrastructure, gathers as much data as it can get its sticky little hands on, rushes the data into a room, and locks the door—metaphorically speaking. The only one with the key to that door is the hacker. Big oof.
Step 3: The hacker displays a message requesting a ransom payment in exchange for your data. The hackers want their money and you want your data, but the hackers themselves are the only ones that can access your data. And that’s why the majority of ransomware is designed to present the victim with a little note stating just that. They may even threaten to release your data to the public if you don’t pay up.
While an attack like this is terrifying, there are ways you can prevent it and stop a hacker in their tracks.
How to avoid it?
Don’t click strange links and attachments! Do a careful investigation before taking any actions on even the least “phishy” email.
Invest in email and endpoint protection software. This software scans emails and attachments for harmful files and also detects phishing scams before you fall victim to them.
Back up your data. Creating a backup of your data means you have a copy of it somewhere safe, like an external hard drive or the cloud. This preventative measure is a last resort for retrieving your data if it’s being held for ransom. The user won’t have to pay the hacker, so those snakes can count their losses. However, if the hacker has taken your data and downloaded it onto another device, it’s still possible they’ll release it to the public.
Two effective ways to back up data:
- External hard drives—they live outside a computer and can be plugged into other devices.
- Cloud storage—allows files and data to be stored off-site and can be accessed through other devices.
Using either of these storage options allows you to wipe your computer entirely without worrying about losing anything important.
What to do if it happens to you?
- Identify: Try to determine where the attack came from and what type of malware you’re dealing with.
- Isolate: Separate the infected device from all other devices by deleting any paired devices from the Bluetooth settings or even physically unplugging any other devices connected to the computer.
- Report: Report the attack to the FBI using the Internet Crime Complaint Center.
- Restore the data: This step depends largely on what you’ve done to secure your data. However, paying the ransom usually proves to be ineffective or an invitation for more ransomware. You can either try to remove the malware on your device by taking it to a professional and restoring bits of your hard drive or you could wipe the whole thing entirely.
- Prevent further attacks: Be aware of what you’re doing on the internet—follow the different suggestions mentioned in this article and stay safe!