Ransom – We have all seen it in the movies or read about it in the media. A wealthy person has something of value, be it a family member, a favorite dog, or piece of art that someone steals and then demands payment for its safe return. Too often the ransom is paid, and the ‘item of value’ is never returned. Probably the most infamous case of ransom occurred when the infant son of famed pioneer aviator Charles Lindberg was kidnapped and held for ransom. Sadly that didn’t turn out well for the family.
Ransomware is one of the newest cyberthreats.
Today we are concerned with the growing problem of Ransomware…hackers kidnapping our data and then holding it for ransom. Essentially what happens is that YOU allow access to your digital system, via download, a Trojan that starts encrypting all your data once the payload is activated. Once all your data is encrypted, you are presented with a screen message that says in some form or another “Attention: Your files have been encrypted, and we have the key. Send money for the key via bitcoins, or, in X amount of days the key to the encryption will be destroyed and your data will be permanently lost”. Seeing such a message will send anyone into a panic and they will try and seek help from some professional computer geeks who will only shake their heads and advise you to pay up and hope for the best.
Some forms of ransomware date back to 1989 with ‘PC Cyborg’, grew more sophisticated and morphed into Gpcode, Troj.Ransom.A, Archiveus, Gpcode.AG, Gpcode.AK, and culminating with the dreaded Reveton, CryptoLocker, CryptoLockerF and CryptoWall. In each of the newer versions of ransomware the ‘culprits’ demand bit coin payment for the key to the encryption…or else.
Since there are few options to mitigating the malware once it is in your system, the best cure is prevention by lessening the opportunities for the Trojan to enter your system in the first place. As mentioned above…you are the person that invites this disaster to occur by carelessly inviting it into your system. Stop doing that! The best ways to avoid a ransomware disaster is to first have up to date antivirus software on your system. This will scan incoming emails and look for recognized malware, but you must keep it patched and updated so it can block new forms of malware. The next thing you need to do is take the time and be cautious about opening any potential emails that will contain malware. Before you click on ‘Open’ think twice. Finally, heed the advice you have heard for years…backup your system on a regular basis. That way when CryptoLocker or a variant attacks your system, you can moan, groan, and then move forward with your backup without facing a total loss.
Ransomware in some form or another is here to stay…it is a lucrative business for hackers…so be prepared, or be prepared to pay.
One of the best ways to safeguard your business against any cyber threats, new or old, is to get educated on the intricacies of cybersecurity. Here at The National Cybersecurity Institute we offer a wide variety of training courses intended to expand individual knowledge on cyber threats within specific industries.
Geier, E. (2014, January 13). How to rescue your PC from ransomware. PCWorld. Retrieved from http://www.pcworld.com/article/2084002/how-to-rescue-your-pc-from-ransomware.html
SlashDot. Ransomware hits three Indian banks, causes millions in damages. Retrieved from http://yro.slashdot.org/story/16/01/25/000239/ransomware-hits-three-indian-banks-causes-millions-in-damages
Boatman, K. (2015). Beware the rise of ransomware. Norton. Retrieved from http://us.norton.com/yoursecurityresource/detail.jsp?aid=rise_in_ransomware