It seems that every other day, headlines tell about another data leak due to ransomware, causing massive disruption in some important industry. Already in 2021, ransomware has closed schools, shut down an oil pipeline, interfered with medical treatments and more, and ransomware is likely to continue to affect everyday life for the foreseeable future.
While this method of cyber attack is hardly new — the first documented ransomware occurred in 1989 — it still isn’t well understood by the average computer user. If you are scratching your head over what ransomware is and how it could impact you, read on for a straightforward explanation.
An Intro to Ransomware
You aren’t the only one wondering what is ransomware; as ransomware attacks increase in number, more and more average computer users are interested in understanding as much as possible about this type of cyber attack.
As the name suggests, ransomware works by taking some element of your computer or network hostage and demanding a ransom for its safe return. While no two ransomware attacks occur exactly the same way, most follow a similar pattern for infiltrating a user’s data.
Generally, ransomware gets onto a system just like any other malware: It tricks users into downloading, installing and executing an application that isn’t what it seems. Most often, ransomware is spread through phishing emails, but it can also hide in links on websites, on mysterious USB drives or on social media.
Once on a target system, the ransomware searches for data and makes it inaccessible to users in some way. Some ransomware attacks entail removing the data entirely from the network; others encrypt the data in its current location, and others still simply hide the data from view. Then, the attacker contacts the system’s primary user and demands some kind of payment for the data’s safe return. More and more often, the ransom involves cryptocurrency, but you might also be asked to make a wire transfer or reveal credit card information to retrieve your data.
Unfortunately, even when a ransom is paid, the data is rarely returned unscathed. It isn’t uncommon for data to remain missing, encrypted or hidden. Even if a user has their data returned, they will often suffer recurring attacks because the ransomware application leaves a backdoor into the system. For these reasons and others, cyber security firms do not encourage victims to pay any demanded ransom.
In all, ransomware is a nasty cyber attack method that can cause frustration for years.
Who Should Worry About Ransomware?
Ransomware is a cheap and easy method of cyber attack, and over the years it has only become cheaper and easier. In fact, there is a bustling black-market business of selling simple ransomware applications to lazy cyber criminals looking for a fast and effective attack. As a result, there are millions of variations of ransomware online, and essentially everyone is at risk for at least one type of ransomware attack.
Fortunately, the most complex and most dangerous forms of ransomware are typically not targeting average users like you. The average user doesn’t have that much liquid capital to spend on a digital ransom; though average users have lower cyber defenses, they are also worth much less, so the enterprising cyber criminal typically devotes their attention on organizations and governments.
Large entities have much more valuable data, which attackers can sell, and they tend to have millions of dollars available to spend on data recovery. As a result, a successful ransomware attack on a large organization is likely to yield major profits for cyber criminals.
Still, you are at risk for some lower-level ransomware attacks from criminals who believe that attacking millions of average users can be more lucrative over the long term. Thus, you need to be careful to keep your system and devices well-defended.
Defending Against Ransomware Attacks
If you know how to defend against other types of malware, you pretty much know how to stay safe from ransomware attacks. Here are some general tips for avoiding ransomware as you navigate the web:
Do not click suspicious links and message attachments. You should be wary of any messages coming from users you don’t know, and you should be suspicious when friends and family use strange language in their messages. If you are uncertain about a link or attachment for any reason, it is best to avoid it.
Do not download from third-party websites. Many websites do not perform due diligence on their downloads, which makes it easy for cyber criminals to corrupt their applications with ransomware. You should only download from websites with a reputation for safety.
Do not connect your devices to public Wi-Fi. Many public Wi-Fi networks make it easy for cyber criminals to see and interact with your device, perhaps placing ransomware directly on your system. It is best to invest in a virtual private network (VPN) while out and about.
Do not use unknown storage devices. USBs and other storage devices can contain malicious software like ransomware that executes as soon as you plug them in. It is tempting to think of a found storage device as a windfall, but it could be a Trojan horse.
Do install trustworthy antivirus software that scans for ransomware. The best defense is a good defense. Antivirus software from well-known security firms like Trend Micro will constantly search for threats to your device and eliminate potential ransomware before it has a chance to do damage to your data.
Additionally, it is wise to consistently back up your data, either to a physical storage device or to the cloud. Then, if you do accidentally succumb to a ransomware attack, you can launch your back-up and avoid any worry about encryption or ransoms.
It is a good idea to get educated about ransomware, so you can keep your data and devices as safe as possible. Though you might not be the primary target for all ransomware attacks, you could easily fall victim to basic ransomware if you aren’t careful. Fortunately, with the right cyber hygiene and security tools, ransomware doesn’t have to do any damage to your system.