Learn more about ransomware attacks
On May 12th, 2017 the world witnessed the biggest cyber attack in Internet history. A ransomware named WannaCry infected 200,000 machines and big organizations such as NHS and Renault were struck and crippled.
A few weeks later, a ransomware similar to Petya started spreading across Europe. This strain affected companies, banks, institutions as well the Chernobyl radiation monitoring system.
But what is ransomware and how can you protect your system against it? Read more here to find out.
What is ransomware?
Simply put, it is a sophisticated piece of malware that works on blocking your access to your important files. The only way to regain access to your files is by paying a ransom set by the attacker.
Moreover, there are two main types of ransomware:
1- Encryption ransomware: This type of malware incorporates advanced encryption algorithms. It works by blocking certain system files and will demand payment from you to give you the key to decrypt your blocked content. CryptoWall and Locky are two examples of this type of malware.
2- Locker ransomware: This type of malware will lock you out of your operating system making it impossible for you to access your desktop or any other apps. In this case, your files are not encrypted, however, the attackers will ask for a ransom to unlock your infected computer. Winlocker is just one example of this type of malware.
Crypto-ransomware is the more prominent and worrisome type of cyber attacks as it is the most common and most easily spread.
The main characteristics of ransomware:
- Can feature unbreakable encryption.
- Has the ability to encrypt any kind of files. This includes documents, pictures and audio/visual files.
- Can scramble your file names.
- Will add different extensions to your files.
- Will display a message or an image to let you know your files have been encrypted.
- Requests payment in Bitcoins. The payments usually have a time limit.
- Can spread to other computers connected to your local network.
- Frequently can extract data from the affected computer.
- Sometimes it can include geographical targeting. This means that the ransom note is translated into your language to increase chances of you understanding the message and paying the ransom.
What are the most common ways of infection?
Your computer can get infected by ransomware using the following infection methods:
- Spam email campaigns with malicious attachments or links.
- Security exploits in certain vulnerable software.
- Internet traffic that directs you to malicious sites.
- Websites with injected malicious code.
- Drive by downloads.
- Messages targeting mobile devices.
- Finally, self propagation.
How to protect your system against ransomware:
So what do you need to do to protect your system against this type of malicious malware? What steps can you take to avoid ransomware from infecting your personal and business computers? Below is some important knowledge you need to keep in mind:
- Try to avoid saving important documents on your PC.
- Have 2 data backups. One on an external hard drive and the other on the cloud.
- Turn off applications such as Google Drive and Dropbox. Moreover, only turn them once a day on when you need to sync your data to them.
- Keep your operating systems and the software you use up to date.
- Avoid using your administrator account when possible. Instead, use the guest account with limited privileges.
- Remove unnecessary plugins from your browser including Adobe Flash and Java.
- Adjust your browser’s privacy and security settings.
- Uninstall outdated add-ons and plugins.
- Use ad blockers to avoid threats of malicious code.
- Never open spam emails or messages from unknown senders. Moreover, never click the links or download attachments from such emails.
- Use paid and reliable anti-virus software.
- Understand the importance of traffic-filtering solutions.
Do you have any more tips for helping our readers protect their systems against ransomware? Please don’t hesitate to share them in the comment section below.