What is ransomware, and why are we talking about it?
We have all heard of malware, right? It stands for malicious software, and includes viruses that infects your computer if you click a link, or spyware that gathers information on you without you knowing. But malware also includes an emerging, and very troubling type called ransomware.
As the name suggests, cybercriminals gain access to your information, like personal or business financial documents, priceless family photos, and other irreplaceable items you have on your computer, and they hold them for ransom. The criminals will ask you to pay up, or risk losing all your files. A recent article in Money magazine shows the criminals seem to be winning.
That is scary. You say it’s emerging. What do we know about it?
The growth of ransomware has been astronomical in recent months. According to Phishme, a cybersecurity firm, in the fall of 2015, ransomware emails accounted for just 2 percent of emails with malicious links or attachments. By the fall of 2016, that number had jumped to an incredible 97%! According to the FBI, total ransomware losses in 2016 hit $1 billion, up from $24 million the year prior. The growth has been truly astounding.
How does it work?
For their scheme to work, the scammers must get access to your files. That usually means access to your devices, such as your computer, your tablet or your phone. To do that, they usually work through phishing emails.
Because of several huge data breaches in recent years – think Yahoo, Target, and others – many of us have email addresses and other identifying information that has been exposed, and which can be used to target us. Once they have this, they start sending us ransomware, hoping that we click on a link, or open an attachment. And we do! According to one study, 6 in 10 ransomware attacks came through our inboxes.
But it isn’t just emails. This dangerous kind of malware can hide almost anywhere on the web. It can be in advertisements, embedded in photos and videos you click on, even hidden in the comments section of websites. Almost anywhere you click, and even some pages you just visit, can expose you to ransomware.
Say we do get exposed. What happens next, and what should we do?
Here’s how this malware works: once it gets into your device, it works to get encryption keys for your files, and then it scrambles and or locks access to these files. Then, attackers deliver a ransom note containing instructions, with the ransom amount and deadlines. The ransom can be anywhere from a few hundred dollars, to $10,000 for individuals. Some businesses have paid upwards of $40,000.
If you are ransomed, the first thing you should do is alert the authorities. You can inform the FBI at ic3.gov, and you should call your local police department. From there, you have 3 main options. First, you can hope that there is a free encryption key out there.
These unlock your files, and there are sites out there that publish them. If that is not available, you can pay them. While it is not desirable, depending on how important the files are, it may be something you want to consider. Finally, you can stand firm and refuse to pay. If you do this, you can have a computer technician help you clone your files, and wait for an encryption key to come out.
What do we do to protect ourselves?
First things first. Be very wary about any emails you receive! Do not open any emails, click any links, or open any attachments that you are even the slightest bit suspicious about, because that is how they get you. Even if it looks like it’s from a friend, but out of character, call them and ask them.
Second, start a file backup system. You want to take advantage of an online backup and storage service, and you want to regularly back up your files on an external hard drive or usb. Finally, make sure your device’s operating system and anti-virus software are up to date. Both will ensure that the latest protections are in place.
Financial hits come in many ways, and new ones emerge every day. So, protect yourself so you don’t find yourself at the mercy of cybercriminals.