What Is Ransomware?
Ransomware is typically any Trojan, worm or virus that, in essence, encrypts your files and then tries to charge you money to reverse that process. Ever since it was introduced, it caused so many problems to people that even the FBI (Federal Bureau of Investigation) encouraged the victims affected to pay up the money if they want to get out of trouble. It can be commended as a reasonably smart way of performing a crime.
If any computer gets affected by Ransomware and it has no antivirus, then the damage is already done. Most of the time, one can’t get the key back unless they pay. But in case of backup, which a lot of people don’t have, then one can restore it.
It is not a surprise that the most significant attacks being reported in the news are because of Ransomware. This is basically due to the immediate impact they have on standard users. Ransomware got a lot of attention when hackers spread the malware into the NHS (National Health Service) computers in the UK and wiped all the data of patients away.
How Does One Get Affected By Ransomware?
Once Ransomware gets on the computer, usually through an infected email attachment or the common Trojan horse attack, it locks the computer and data, and demand payment in exchange for control of the system back. There are a lot of big Ransomware programs like Cryptowall which has made outstanding millions of dollars for its developers and are still going on up to date.
Usually, victims are tricked by being fooled that something is wrong with their computer and get you to pay money to fix it. This can be found in the banner ads we see online when one is browsing and quickly sees an alert sign telling you that a malicious item was detected. Sometimes one may have control over this, but it gets annoying when you have to deal with constant popups until you find a way to get rid of the malware.
The Ransomware hackers also use deceit tactics such as posing as the authorities and warning you that the computer was used to operate illegal activity, but one can get access back by paying a few hundred dollars. Using emails such as spear phishing attack that tricks users into clicking bad links, could be another way victims get manipulated.
Hackers have now made Trojans that are self-replicating in the sense that it gets spread from one person to another without knowing it. This exploit was found by the NSA (National Security Agency) which was an exploit of Windows file-sharing capabilities. As large organisations share files from a central server to all their small machines, it will spread the worm and infect other computers with the malware.
Mainly it is spread via emails. It only takes one person to click on it and easily spread the Ransomware which slips out on port 445, and through the security wall where unpatched installations install. The NSA discovered this method and named it Eternal Blue. They kept it a secret so that they could use it for counter-terrorism purposes up until they were themselves hacked by another group called the Shadow Brokers which then released it to the public.
For most Trojans, those who are very vigilant about running email attachments will never get them even if they don’t have an antivirus. Continually installing updates will give one an easy time from all the problems caused by such malware. Having backups saved, preferably not online, will have a significant chance of avoiding pitfalls to fall as victims.