Ransomware were first discovered in 1989. As the time is passing by, there’s a lot of other types of malware appeared. A lot of security precautions have been developed as well, to bring the dangers of ransomware down to nothing.
There’s been rumors of diminishing of the ransomware attacks, so one might believe ransomware is not that dangerous anymore. While ransomware hackers indeed focused on a cryptojacking for some period of time, this doesn’t mean we should stop taking care of our cyber safety.
Ransomware would keep appearing again and again. Last famous ransomware attack GrandCrab has been happening just recently. Another famous ransomware attack, known as WannaCry virus, was happening during 2017.
Having that said, you might want to know if ransomware is still a threat for ordinary user. How to prevent ransomware from locking down your PC and encrypting your private files?
Let’s try and figure that out in this article.
What is ransomware and how does it work?
Ransomware is a type of malware that mostly pursuits financial benefit. As soon as this malicious program gets it’s way to your computer, it would try to encrypt your most important personal files and documents. Decrypting your files is virtually impossible without having a secret key that only hackers, who created the ransomware, possess.
In order to gain access to your files and bring back your personal documents, the attacker would demand you to pay a certain amount of currency or in most cases a cryptocurrency.
The amount you will be asked to pay depends on many factors. These include: your financial conditions, the importance of your files, and some random factors – like the mood of the attacker. On average, you’ll be asked to pay from $100 up to a $1000 for decrypting your personal files.
In case of big companies, ransom attackers usually look for the most financially successful victims. Hence, the amount of money they ask, may be as high as half million USD. The type of companies they attack, are: private hospitals, government organizations, financial institutions, industrial manufacturers, etc.
What are the other types of ransomware?
Besides the most popular ransomware attack that encrypts your files, there are other types out there. They are less popular, but still very unpleasant to be on your machine. Here is the list of known ransomware attacks that may happen with you:
- WinLocker – as the name suggests it is primarily aimed to attack Windows users. What it does, it installs a system-wide popup with some inappropriate graphical content. This may be the adult photos, or some other unwanted type of content that blocks access to your Windows computer, and demands to send a SMS to a paid number. Sometimes it may require you to transfer a certain amount of bitcoins to an attackers’ account, but this is less common. Many types of WinLockers would disappear by themselves after a month or less.
- Leakware – this type of ransomware threatens to publish your confidential data, or use your intellectual property for their own benefit. In case you have some business related documentation, financial data, personal photos or videos, attacker would publish this information, so everyone would find out something about you that you don’t want to expose. They will ask you to pay a ransom within certain limited period of time, otherwise they would do what they threaten to do.
- Scareware – another type of ransomware program that acts as a fake virus scanning tool. It takes advantage of non-tech savvy users, by showing a popup that claims to have found a lot of viruses on your computer. You are asked to pay a specific amount of money, so the tool would “clean your PC up from those viruses”. In case you hesitate to make a payment, the scareware would continue showing the annoying popup all over your monitor.
The most dangerous types of ransomware are probably the cryptolocker and the leakware. A cryptolocker is another name for a ransomware that encrypts your files.
WinLocker problem can usually be solved by booting your computer in a safe mode, and removing it manually. Same goes with the Scareware. Cryptolocker and leakware types of ransomware, are virtually impossible to fight once you got infected.
Is ransomware still dangerous?
Nowadays, ransom attacks mostly happen to a big companies that are much more valuable victims for the hackers. Nevertheless, this doesn’t mean you can not become a victim of such a virulent attack too. The thing is – ransomweare does not choose who to attack. It just gets deployed to a machine (even it it’s a home user), and starts it’s dirty business.
As of year 2019, there are new, and better ransomwares out there. While in previous decade, one must had had a deep computer knowledge to become a ransomware attacker, it’s gotten much easier for anyone to become a hacker. With the appearance of RaaS (Ransomware as a Service), anyone can purchase a cheap copy of ransomware sample, and use it to gain a financial benefit. A good example of that is the 2018’s GrandCrab RaaS.
Another important factor that makes ransomware even more dangerous today than it was 10-20 years before, is the wide acceptance of cryptocurrency. Hackers require a reliable and anonymous way to collect ransom from their victims. Cryptocurrency is the most helpful tool for their crimes.
It worth mentioning, the amount of unsafe public Wi-Fi hotspots has greatly increased, as well as the amount of travelling Internet users. This imposes even more ransomware risks for a non-commercial computer user.
Will you get back your encrypted files after paying a ransom?
As with usual type of criminals (the ones who operate on the streets) – you can never be sure if you can trust them. While they would probably claim to never cheat you – there is no guarantee to decrypt your files.
You may try to do that, and pay the money they demand, but there is a big chance you won’t get your data back whatsoever. Attackers may simply not keep a decryption key. They might not just want a money, but also want to a moral satisfaction from harming you.
In past, even FBI suggested to pay a ransom in these cases. This worked for some big companies. Others left without their money and data. Sometimes, hackers would continue charging more and more, knowing you are desperate to decrypt your files.
Overall, this is very unpleasant situation, and no one wants to ever face it. Paying money is not really the best solution here.
How to prevent ransomware from locking your PC and files?
While there’s really not much you can do in case you’ve already gotten attacked by a ransomware, there are a few actionable steps you may wish to take in case you want to prevent your files from being lost forever.
So, what are the best tips to prevent ransomware from dealing a damage to you? Here are the must have tips:
- ALWAYS keep a BACKUP of your IMPORTANT files. Make sure you implement this step. This is pretty much 99% guarantee for you to never feel a grief of not being able to restore your files. Using an offline data storage (HDD, SSD, USB-Stick, CD?) is the most reliable way to protect your sensitive data. Make sure you backup your files regularly, and keep the offline storage out of reach for the attacker. You can also use any type of cloud storage to make additional copies of your files, if you don’t want to mess with all those storage devices. Cloud storage would usually keep older versions of your files, so even if the storage itself is attacked, there is always a way to restores your files to their previous versions. In addition to that, each cloud storage also includes a sophisticated security software.
- Do not install any software from non-familiar sources. These includes: web sites, storage devices, links in your email. Installing anything that looks suspicious, is extremely dangerous, as it makes it much easier for the attacker to deliver a ransomware to your machine.
- Be very careful when opening email attachments. While you can’t really get infected by simply opening an email, there is an easy way to get the ransomware through executing a malicious email attachment.
- Use reliable anti-malware software that has a built-in ransomware protection. A good example would be the Bitdefender. This security suite includes a reliable ransomware protection module. It would watch your personal files, and block the unauthorized modification of those, hence preventing them from being encrypted. In addition to that, there is also a ransomware remediation feature included, that would help you restoring the files after being hit by a ransomware attack. Another good anti-ransomware alternative would be Kaspersky Total Security. It also makes much less system performance impact, which is very useful if you prefer to have your laptop with you while on the go.
How to remove a ransomware?
It’s actually quite easy to remove the ransomware execution file itself in most cases. The bigger problem, is once your files are encrypted, there’s really no way of decrypting them.
Of course, you might try searching the Web for a decryption tool. Some type of ransomware are being studied by experienced anti-malware companies like Bitdefender. They even managed to create the decryption utilities for some ransomware viruses.
With that said, ransomware creators keep inventing more and more sophisticated ransomware programs. The decryption tool that worked yesterday, might not be able to help you during today’s attack.
The one and only way to get protected against ransomware attack – is to get prepared and take the security precautions mentioned above.
One and only reliable way to stay safe from ransomware threats – is to accept the necessity of doing regular backups. This would save you tones of money and prevent headaches from forever lost data.