One day you turn on your computer expecting to work on your emails and instead you’re greeted with a big red image demanding dollars payable to an unknown party in the next twenty-four hours or everything on your hard drive will be erased and gone forever. Welcome to the latest, “hottest” way for cybercriminals to pick your pocket – ransomware! But what is ransomware, and what can be done to protect against it?
A Brief History of Ransomware
As security professionals and software vendors have made headway in combatting global malware campaigns, hackers have been stimulated to come up with more inventive ways of maintaining their revenue streams without relying on run-of-the-mill frauds using credit cards.
So, new viruses were born with names like CryptoLocker, CryptoWall, and, more recently, TeslaCrypt, all members of a family of infections known as ransomware. The earliest known version of ransomware, CryptoLocker, first appeared on the scene towards the end of 2013 and hit so hard that it sent the Internet world reeling.
Suddenly a flood of users was reporting that a new kind of virus had locked down their hard drives, and their critical data was being held to ransom. Because of its unknown nature, ransomware was able to infect tens of thousands of computers in a matter of days. What made matters worse was that the cybercriminals received encouragement from desperate users who paid the ransom to get CryptoLocker removed from their computers.
Unlike “conventional” malware that installs backdoors, keyloggers, or trojans on a computer, with the expectation that a user will eventually provide details of a credit card or other personal information, CryptoLocker and its variants create simpler and more reliable ways to maintain revenue streams. Initially ransom amounts varied wildly – from $25 to $600, usually paid in Bitcoins, or forwarded via MoneyGram to untraceable prepaid cards in Eastern European nations. Recently, the criminals have become bolder by, for example, attacking hospitals – a Los Angeles hospital recently paid them off to the tune of $17,000.
Ransomware Went Mobile
Ransomware soon spread to mobile security firms and mobile phone owners by migrating to selected hardware devices running Google’s Android operating system, and even a few devices in the iOS ecosystem. Fortunately, phones and tablets with Android or iOS automatically back up vital data to the cloud each time the devices are plugged in for recharging, so the damage was significantly less pronounced than what was being seen on PCs.
Two Simple Solutions
1. Contact an antivirus vendor: If you get infected, an antivirus vendor may have a fix for your specific type of ransomware. What was once an undefeatable wild animal has since been tamed into a much more manageable threat, and many antivirus fixes are available that can be downloaded to a USB stick to plug in when the ransom screen appears. That said, criminal innovation is not stopping, and new types of ransomware are being developed daily, making it difficult for antivirus vendors to stay on top of the problem.
2. Back up everything: Ransomware exploits people’s reluctance to back up their data onto a hard drive that is completely separate from their main PC or network. By backing up your files to an air-gapped external hard drive each day, you circumvent the rationale that allows ransomware to get you to pay up in the first place. Alternatively, you can use a cloud storage solution or backup service to provide the same level of protection.
When ransomware first struck, it sent a tsunami wave through the security industry and affected tens of thousands of computers. Since then, out of necessity, the IT world has adapted. If you have concerns about the safety of your computer network, please let us show you how we can help you to avoid being ransomed.