What is ransomware?
Ransomware is a type of malware that limits or prevents users from accessing their systems. This type of software coerces its victims into paying a specific amount of money through e-payments in order to be granted access to their systems or to retrieve their lost data. Ransomware can be unintentionally downloaded from malicious or compromised websites. Also, it can come in 'a package' with some other malware, can be executed by it, or it can be received as an attachment in spam emails.
After it gets initiated on the system, ransomware can lock the screen of the computer or crypt certain documents with a password. In the case of desktop locking, ransomware displays an image or a notification spread across the screen which disables the victim from accessing the system. This is also the usual way to display instructions on how to make payments to the attacker, which would unlock the access to the system. Cyber-criminals behind these attacks usually use methods of online payments such as Bitcoin, PaySafeCard, or Ukash to get money from the victim.
How to protect yourself?
· Always double-check the email sender – If the email is supposedly coming from a bank, always check with your bank if the message is legitimate. If the email is coming from a personal contact, check with the person if they had actually sent the email, since both you and your friend or family member could be victims of the attack.
· Check the content of the message – There are some obvious mistakes you can spot in emails: if, for example, your bank or your friend claim that they had received something from you, check your previously sent messages in order to verify those claims if you're not sure.
· Don't open suspicious links in emails – Opening links in emails should always be something to avoid. It's always safer to directly visit the website mentioned in the email. In case you click on a link in an email, make sure that your web browser checks the web reputation of the link.
· Keep your software up-to-date – Regularly updating your software gives you an additional level of protection against many attacks.
· Do a backup of important data – Currently, there is no known tool which would decrypt the documents that have been encrypted using CryptoLocker. In order to stay safe, it is always best to do regular backups of your data and files. A smart principle to apply is the 3-2-1 structure: 3 copies, 2 different media, 1 separate location! Windows also offers an option called Volume Shadow Copy that enables you to restore your documents to their previous condition, and it's enabled by default. Cloud capacities can also be an important part of planning your backup strategy.
· Get an adequate solution for endpoint protection – There are also endpoint protection solutions that could provide you with protection from ransomware attacks