In the last few years, the term “ransomware” has gained a lot of attention on the cybersecurity and web security fails. Evoked by individuals as well as business, this word has become a source of anxiety and fear. This technique, widely used by hackers, puts its targets in inextricable situations. Here is what you need to know about ransomware and the precautions you need to take to protect yourself against this cybersecurity threat.
What does a Ransomware mean?
Ransomware is a computer program used to infect terminals connected to a computer system with malicious code and thus block your access. This malicious software infiltrates your computer as well as your smartphone, and takes all your data. Virtually impossible to detect during normal computer operation, this malware encrypts your important files and content. This type of program first appeared in Russia, before spreading all over the web. Today, the practice has become commonplace, and has been adopted by a multitude of hackers aiming to attack personal and business data.
Encrypting to trick you into paying a ransom
The main purpose of this malware is to demand a ransom. The encryption of your data is used as a means of pressure to make you respond favorably to this virtual form of blackmail. By paying the ransom, you get a key that will decrypt all your content. Most of the time, the ransomware infiltrates through a file that you downloaded by forgetting to choose an antivirus.
Streaming and downloading sites are the first places where ransomware can be found in excess via adware present (usually involuntarily) on these websites.
Others, more insidious, spread through e-mails. The latter are often the most dangerous, as they can be opened at any time by a novice Internet user who knows nothing about ransomware and cybersecurity tools. In most cases, these malicious programs will try to extort money from you. The amounts are extremely variable, and will change depending on the ambition of the hacker or the supposed value of your data.
To obtain the decryption key, you usually have to pay the requested amount in crypto-currency (bitcoins, ethereum etc…). Hackers prefer this solution, because it is impossible to verify the traceability of crypto movements. However, it is strongly advised not to pay the ransom demanded because there is no proof that you will recover your data after payment…
The difference between locker Ransomware and crypto ransomware?
There are currently two types of ransomware commonly used on the web. Although both types of programs have the same purpose, they have characteristics that distinguish them.
Crypto ransomware
This first type of ransomware (which has nothing to do with cryptojacking) aims to encrypt your most important data. Its program targets sensitive documents, images and other videos or those that may represent any financial interest. Although it attacks your computer’s files, the crypto version of the ransomware does not attack its basic functions. Its goal is to put you in a state of panic, in order to force you to comply with its request.
The hacker takes advantage of this confused state of your computer. In most cases, the program includes a countdown timer informing you of the payment deadline. The hackers threaten to delete all your files if the payment is not made before the deadline. Since many users do not always find a reason to install antivirus software, which could protect them from this type of attack, files saved on a computer are easy prey for cyber criminals. Considered as programs with devastating impacts, crypto ransomware is currently among the most effective malware on the web.
Locker ransomware
This second type of ransomware focuses on the computer’s functionality and can limit access to it. Locker ransomware prevents you from entering your user interface, or partially disables the functions of your devices. Sometimes, these features may be blocked entirely, preventing you from interacting with the entire system.
Ransomware has a transmission mode that is compatible with all terminals: Computers are not the only targets of ransomware. These hacking programs can also infect smartphones and poorly protected tablets. The lack of antivirus software is just as dangerous for PCs as for any other device that can be connected to the Internet.
What are the consequences for the user infected by ransomware?
Once your computer or smartphone is infected, you cannot access your files. The consequences vary depending on the type of user. But they can be consequential as it happened to the city of Baltimore in the United States in May 2019 (see the article Baltimore paralyzed by a computer virus which found itself paralyzed following the infection of its systems by a ransomware initially developed by the NSA and which had been patched by Microsoft long ago. Hence the repeated importance of updating Windows (or any other OS) and its software to avoid being infected via known vulnerabilities.
For business users:
Professionals are the first to notice the consequences of a ransomware on all their activities. In addition to a more or less important exposure of confidential files, there is no guarantee that your data will be protected against a possible extraction. The main disadvantage for companies and freelancers remains the financial aspect: a ransomware makes you lose productivity.
An unpredictable situation that makes you lose customers, and also affects their trust in you. The adoption of a computer security system will only be effective if you install it before you even connect your park to the Internet.
For individuals:
If the average user is less exposed, he is not safe from danger. Photos, videos, passwords and other sensitive information stored on your terminals are vulnerable to hackers determined to make a financial profit. By being a victim of phishing, you take the risk that your personal information will be used for malicious purposes. And without backup software, there is a good chance that the data on your smartphone or computer will be permanently erased.
How to protect yourself from ransomware and its malicious attacks?
- In either case, installing an antivirus software remains the only really effective source of protection against these attacks. Limiting downloads to approved, official or officially licensed platforms is also recommended to avoid the cyber threats.
- Making regular backups of your data and operating system (Windows 10 backup or backup of your data in the cloud) is also recommended, especially if you have data that requires optimal protection.
- As mentioned in this article, it is important to constantly use strong passwords and update your operating system and software because ransomware usually uses known vulnerabilities to infect you via these vulnerabilities. Keeping them up to date will save you a lot of trouble.
- One last piece of advice: be vigilant in your use of your devices! Think before clicking on a link (hovering over links for example is a reflex to adopt to check which site you are going to) or to open an attachment received by a spoofed email. Hackers usually take advantage of users’ credulity to infect their devices.
