Ransomware is something that before this year, some people had perhaps heard of before, perhaps in passing or, it was perhaps a word they read in an article once, but to no real depth unless they were in a job where awareness of it was required. Then Wannacry, one of the most vicious and sophisticated forms of ransomware spread through millions of computers, and many businesses across the entire world were affected, including the NHS.
This easy CNN video explainer on Wannacry is really useful if you want to understand the virus more. Suddenly, as the story broke, we all knew a little bit more about ransomware, and it became clear that everybody, in both a domestic and business setting, needed to change their cyber-security in order to protect themselves from a ransomware attack.
So, what is ransomware?
Ransomware is a nasty computer virus that locks the computer user out of their computer or from particular data and demands that they pay money to get their files back and to regain access to their computer. It is most commonly hidden inside a file or attachment on an email, but it is a growing threat for smartphones as apps can contain ransomware as well. It can pretend to be a popular app so that it is more likely you will click on it and release the virus.
How does it work?
Like many computer viruses, you will in most instances, receive ransomware to your phone or your computer via an email. This will be an email that is some sort of phishing email that entices you to open it. Some are really obvious, asking you a question in the subject, pretending to be software you use or correspondence from a friend or colleague, but some are incredibly sophisticated and don’t stand out as spam at all. Once you are convinced or curious enough to open the attachment that comes with the email, the virus is released and begins encrypting your data.
Once the virus has encrypted the data and has secured access to it, it will ask for money in return for the files it has encrypted. Although money can be demanded through various payment schemes, usually it is requested in bitcoins because it is harder to trace bitcoins where they are moved around.
Commonly, the amount charged is around £300 pounds or $500 dollars, which equals one or two bitcoins. A long time ago, when malware was new, instead of a direct request for money in return for files being returned, the virus would commonly bring up a page from the police. The page would often say you had done something wrong, and a fine was needed because of that crime. The longer you took to pay, the more the ransom would be. These pages from the police aren’t used much at all in today’s ransomware, but the ransom does still increase as times goes on in many of them.
Protecting Yourself Against Ransomware
Whether you are a business or domestic computer user, it is important you protect yourself against ransomware attacks. They cost a lot of money, and they put your data at risk.
Domestic Protection Against Ransomware
As a domestic computer and phone user, you are at risk of a ransomware attack. People often make the mistake of believing that only businesses get attacked by computer viruses, but it can happen to anybody, particularly with this new strain of smartphone app viruses cropping up. It might not cost you billions of pounds to fix, and it may not ruin your livelihood to have your data put at risk, but it could cost you hundreds of pounds each individual time it happens. So it is worth protecting yourself to avoid paying out in the instance of a ransomware attack.
Here’s a few steps on how to protect yourself from cybercrime:
- Backup your files: It is easy to never think about the loss of files and information from your computer or phone, until it happens to you and then you realise the true value of that information. To avoid losing it in the first place you need to back it up. Use an external hard drive that is not internet dependant. This makes it completely safe from cyber-criminals.
- Don’t trust emails, websites and apps: You should be suspicious of any website, email and application until proven otherwise. Ransomware can only work by the virus getting access to your computer or phone. The only way it gets access is if you click on an ad, email attachment or app that is basically the virus’s door to get to your computer, and by clicking on it, you open the door wide open. So anything you receive or go on that looks suspicious, or anything you receive that you weren’t expecting, stay away from. It is better to be safe than sorry.
- Invest in antivirus software: Antivirus software offers protection to your computer. It protects you from ransomware by scanning files to check them for viruses before you download them. They also scan websites, attachments and other potential security risks on your computer.
- Keep up to date with updates: When your phone or computer needs updating, let it update. These updates will include the latest protection against issues like ransomware.
- Don’t pay: If you are the victim of a ransomware attack you mustn’t give in and pay. Paying doesn’t guarantee you your files back and it lets attackers know you will pay, which only encourages them to increase their ransom.
Protect Your Business Against Ransomware
According to recent studies from the last few years, there are millions of cyber attacks in the UK alone every year, and ransomware is the most quickly growing type of cyber-attack.
Businesses can lose millions of pounds when entire systems are attacked, and even small businesses are at risk, and small businesses, in particular, don’t have the money to spare to deal with devastating cyber-attacks on their business.
Here’s how to protect your business against ransomware:
- Do not just stick to the minimal level of recommended security to comply with UK law. It is recommended you stay vigilant in implementing the very latest security techniques available in order to protect your business from cybercrime.
- Keep systems up to date so they are already equipped with the latest software to help prevent cyber-attacks. Outdated computers and systems are much more vulnerable to cyber-attacks than new ones because they aren’t equipped to deal with the latest types of attacks.
- Educate your staff and anyone who uses your system so they know how to identify ransomware risks.
- Backup your files to an external hard drive that does not use the internet.
- Get layered security. Ransomware protection is critical for business, but it should just be part of a broader, more detailed plan against all cybercrime. Make sure you use the best of the best when it comes to experts advising you on how to keep your business protected.
When it comes to ransomware, we should all expect bigger and better viri and ways to get them into our computers over the next few years. The best way to avoid becoming a victim of malicious cyber-criminals, is to ensure your ransomware protection keeps getting bigger and better at a faster pace than those trying to steal money from you. Staying vigilant, and being proactive is the best possible form of defence.