The Rise of Ransomware

As MP’s criticise the NHS over the WannaCry incident in 2017, we bring you a full guide to Ransomware provided to Think Digital Partners by our friend Bill Hess at PixelPrivacy.com

Posted 18 April 2018 by Lucy Brown

Ransomware is on the rise. In late 2016, a report released by Malwarebytes stated the following: “Nearly 80 percent of organizations have been the victim of a cyber attack during the past 12 months and nearly 50 percent have been the victim of a ransomware attack.”

The report also indicated that almost 40 percent of all the victims, in fact, paid the ransom.

That means that ransomware is an undeniable threat to every individual and company. The question now is, what is ransomware exactly, and how can you defend yourself against it?

What Is Ransomware?

Ransomware is a type of malicious software that encrypts access to files stored on a computer or smartphone. Simply put, you can’t access the “blocked” files anymore, and the only way to unlock the files is to pay the “ransom.” Typically, a ransom has to be paid in Bitcoin or other cryptocurrency.

Moreover, there are various variants of ransomware; some are extremely aggressive and advanced, while others are less threatening and can be decrypted (unlocked) by tech-savvy users.

An example of advanced ransomware is WannaCry. It was reported that the attack affected more than 200,000 computers across 150 countries. As you can image, an attack of this magnitude caused a lot of damage, which was estimated to range from hundreds of millions to billions of dollars.

Ransomware attacks are mostly launched via a Trojan. The Trojan then enters the system when a user downloads a file that masks the Trojan.

In 67% of all the incidents, a Trojan enters a system through phishing emails. That means that people are tricked into opening a fake email and download the malicious file (of which they think is a legit file).

Software development companies constantly push software fixes and patch security vulnerabilities through the release of software updates.

However, a lot of people fail to install important updates in time, which means their device is vulnerable to (ransomware) attacks.

When the ransomware is nestled in your system, it will lock files and encrypt data. Regardless the type of ransomware, the goal of the hackers is always to extort a ransom (payment) from the victim.

According to Tom’s Guide, the ransom ranges from $300 to $700 dollar for victims in the United States.

How to Defend Yourself Against Ransomware

As mentioned before, if you’re victim of a highly-advanced type of ransomware, chances are that the only way of getting your files unlocked is by paying the ransom.

However, there are some ways to weapon yourself better against ransomware. The goal is to minimize the risk to become a victim – or not have your system infected in the first place.

Phishing Emails & Attachments

Now you know that 67% of all successful ransomware attacks came through an email inbox, it’s incredibly important to never open any unknown emails. If you accidently open an email, know that there’s no harm done yet, but you must never download any attachments of these emails.

It’s a relatively big chance that the attachment contains some type of ransomware, hidden in a Trojan application.

There are quite a few signs that should ring the alarm bells when it comes to phishing emails, but you have to be aware what these signs are.

Automatic Updates

Vulnerabilities in, for example, your Windows operating system and any other software program installed on your device, are fixed through updates. It’s therefore essential to always update your software as soon as possible.

Many of us don’t check daily updates of the software installed on our devices, so that means it’s best to simply enable automatic updates for trusted software programs. This will allow the software to automatically update itself minutes after the release – and you don’t have to worry about anything!

Antivirus & Anti-malware

A good antivirus program is an essential factor to keep your device protected from threats – be that a computer or smartphone.

As an additional layer of protection, install an anti-malware program that runs alongside your antivirus.

There are plenty of antivirus and anti-malware applications for Windows, Android and macOS. However, there are fewer options for iOS devices.

Apple designed their iOS products specifically to provide the best possible protection for its users. The framework of iOS devices is build in a way which limits the apps installed on an iOS to communicate with each other.

However, jailbroken iOS devices are not protected by Apple’s security system.

Prevent Paying for a Ransom

The best alternative to neglect a ransom payment is to always keep backups of your files and data. When you regularly create backups of your system, the damage is fairly limited.

Even if you lose certain files, you can always rely on the latest backup.

It’s important to store a backup of your data on a secure cloud storage platform or on an external hard drive.

If you don’t want to remind yourself to create backups, simply enable automatically generated backups. It’s up to you how often you want to create backups, but I’d say once a week is sufficient.

Practice Smart Computing

When you browse the internet, use common sense to protect yourself. When it comes to real-life, you won’t walk into a dark alley all by yourself when you’re in a bad neighborhood. Apply that same common sense when browsing the web, don’t visit the dark corners of the web.

That means to never install unknown software or other applications on your computer or smartphone. Stay with the trusted apps in the Google Play Store, App Store, Windows Store and Mac App Store.

Lastly, always make sure to be able to view complete file extensions on your computer. Be cautious with unfamiliar files, as well as files with extensions like “.app,” .exe,” “.vbs,” or “.scr.”

Bill here from PixelPrivacy.com. My blog is all about making the world of online security accessible to everyone. I pride myself in writing guides that I’m certain even my own mom could read! Be sure to head over to my blog if you’re interested in keeping your private information just that: Private!