What is Ransomware and Why Should You Care?

Recently, brand new open source ransomware samples were discovered that demonstrate specific characteristics showing that the enterprise community is more of a target than ever.

Ransomware is without doubt one of the biggest threats facing home computer users in years. Unlike many online attacks, it isn’t primarily out to steal your bank details or spy on you. Instead, it wants to scare you into handing over money to the attacker at the other end of the internet. How does it do this? By locking you out of your machine or folders unless a ransom is paid. Failure to do so could result in you being locked out forever.

But help is at hand. At Trend Micro we’ve been protecting our customers for nearly 30 years now, and we’ve leveraged that experience to put together a few simple steps users can take to reduce the chances of getting infected:

How does it work?

There are two main types of ransomware:

  1. ‘Lock screen’ ransomware is an older, less common type which locks a user’s screen, often flashing up messages spoofed to appear as if they’ve come from the police. The idea is to scare the victim into paying up.
  2. Crypto-ransomware is by far the most common and destructive type. Once it finds its way onto your machine it will encrypt all or most of the data on your hard drive based on file type. This means you won’t be able to make sense of any of it. The attacker will demand a ransom – usually a few hundred dollars – be paid in Bitcoin in return for the all-important decryption key, so you can access and read that data again.

Unfortunately, ransomware is everywhere, meaning there are multiple ways to get infected. It could arrive as a spam email, perhaps in a malicious link or attachment. Users can also get hit merely by visiting a legitimate website which has been previously infected, or a site containing malicious adverts. It means users must remain alert, have the right security tools in place and keep all software up-to-date to stay safe.

How common is ransomware?

That’s hard to say because many cases go unreported. In fact, the FBI released an alert in September urging victims to report attacks so it could “gain a more comprehensive view of the current threat and its impact on US victims.” That alert claimed just one type of ransomware infected an estimated 100,000 computers per day. To put that in perspective, Trend Micro alone spotted 79 new ransomware families in the first half of this year – a 179% increase on the whole of 2015.

The key advice here is: DO NOT PAY UP. The bad guys behind these schemes will keep on attacking as long as there is money to be made. Plus, there’s no guarantee you’ll get your data back. A recent Trend Micro UK poll, for example, found 1 in 5 companies paid up but never got their data back.

How can I protect myself?

The effects of ransomware can be devastating for home PC users. But that doesn’t mean it’s impossible to defend against. The key here is to take preventative measures to stop that initial infection.

The following will help to keep you safe:

  • Prevent future attacks with Trend Micro™ Maximum Security.
  • Avoid opening unverified emails or clicking on their embedded links, which can start the ransomware installation process.
  • Back up your important files using the 3-2-1 rule: create three backup copies on two different media, with one of the backups in a separate location.
  • Regularly update software, programs, and applications, to ensure your apps are current, with the latest protections against new vulnerabilities.

If you suspect you have ransomware on your computer or mobile device, Trend Micro can help:

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s