Dealing with Ransomware


Ransomware is defined as “a type of malware that can be covertly installed on a computer without knowledge or intention of the user that restricts access to the infected computer system in some way, and demands that the user pay a ransom to the malware operators to remove the restriction. The cryptovirology form of the attack has ransomware systematically encrypt files on the system’s hard drive, which becomes intractable to decrypt without paying the ransom for the decryption key. Other attacks may simply lock the system and display messages intended to coax the user into paying. Ransomware typically propagates as a Trojan, whose payload is disguised as a seemingly legitimate file.”

As we see more instances of hackers gaining access to business and personal computers alike, we have also seen a rise in ransomware incidents. But ransomware isn’t just affecting PCs and laptops; attackers are going after tablets and mobile devices as well. Any device that stores information the user values, and that the user is willing to pay to regain control of, is a target.

These attacks generally come through a malicious email or website. Hackers can also get into your computer directly through a backdoor that they may have previously added to your computer without your knowledge. Rich Jacobs of the FBI’s Cyber Crime Division recently spoke out on the subject, after the FBI issued new warnings about the rise of cyber crime, specifically directed at ransomware. “In 2015 alone, we received about 2,400 of these complaints with total estimated losses of about $24 million,” Jacobs said.

If your personal or business computer is infected with ransomware, the hackers typically ask for payment via Bitcoin. Bitcoin offers an anonymous way to pay, without the payment being traced back to the hacker. The FBI has advised against paying for ransomware. If we continue to pay, it only encourages hackers and could also give them access to your bank accounts.

Dean Fowler, Digital Forensics Examiner on Liberty’s Digital Forensics team, is well aware of ransomware. “Ransomware is a nasty virus that encrypts your computer and it’s impossible to break that encryption. Unfortunately, it’s really big right now. It’s very debilitating. It locks your computer down and you can no longer use it. All your files/information are gone.” Dean has some tips for preparing yourself for such an incident.

  1. Make sure your anti-malware software is up to date, so that hackers can’t create a backdoor and access your computer without detection.
  2. Do not save your login or password information on your computer for any website that may have your banking, credit card information, or Social Security number. This includes your bank’s website, sites such as Amazon.com, and utility websites.
  3. Be aware of strange emails and stay away from websites that you are not familiar with. If an email is sent from someone you do not recognize and comes through with a hyperlink, do not click through. A lot of ransomware comes through pornography websites or through group chat forums.
  4. Do not give access to your computer to anyone you do not know. This also includes being mindful when using your computer in public. Don’t type your computer password in front of someone and do not leave your computer unattended. Do not enter any sensitive information while on a public Wi-Fi network.
  5. The best thing you can do to protect yourself is to back up your computer every day. If you back up your computer and a hacker attacks and demands ransom for your files, you won’t need to pay. You will have a backup of files ready to install on a new device without losing any information.
