What is Ransomware

Posted on Posted in Data, Data Recovery, Ransomware, Viruses

What is Ransomware?

According to Wikipedia,

“Ransomware is a type of malicious software that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid.”

Now to explain that in general terms, ransomware is a type of virus that holds your data hostage and demands payment. This type of virus has grown more dangerous and has gained a lot of traction in recent years.  2017 was the worst year for ransomware and 2018 is on the same track.

There are currently over 500 known strains of ransomware and the list continues to grow.

How can I Prevent Ransomware?

There is no true guaranteed method to prevent ransomware 100%, but there are a number of steps you can take to protect yourself. The following list include some of the key steps everyone should follow.

  • Anti-virus is a must to decrease your chances of getting ransomware.

A computer with no anti-virus is in great danger when going online, ransomware is only one of many threats you expose yourself to. A good paid anti-virus will greatly reduce your chances of getting ransomware as well as many other types of infection. We understand free sounds great because it doesn’t cost you any money.

 

  • Backups are a great way to protect against ransomware.

A good backup solution can help you recover in case you become a ransomware victim. If you don’t have a backup plan in place let us help you implement one.

 

  • Updates are especially important.

Whether they are Windows updates, Adobe and Java updates, program updates, or updates to your web browser(s), these are usually released to patch exploits or security holes that may have been found. Keeping your system updated is a good habit to get into.  Skipping or deferring these updates can open your system to attacks such as ransomware.

 

  • The best defense is a good offense.

One of the best ways to avoid any type of infection is to keep watch for signs that you are at a dangerous website or signs an email is dangerous.

  • Ads can be a great tool for businesses, but unfortunately many have become common gateways for infections using a method called Malvertising. Malvertising consists of making legitimate looking ads that contain malware or other infections and purchasing ad space through legitimate websites to distribute these infections to unsuspecting users, unbeknownst to the website owners. They may also contain scripts or code that may redirect you to other malicious sites designed to fool you into giving up some of your hard-earned money.  Along with keeping your system up to date, avoiding clicking ads is another great way to avoid some of these infections.  Ad blockers can be beneficial as well, but there are many websites that detect and block users of ad blockers, since this is taking a cut of their revenue stream to help keep their website operational.  So please use these with caution and care.
  • If you receive an email and you are unsure of the sender, obviously, the best option is to not open it and immediately delete it. Ransomware is commonly spread via email disguised as legitimate email. Ranging anywhere from a co-worker sending a document or spreadsheet for you to review, a fake billing statement, or email from people claiming to be one of your friends wanting you check out a picture, video or link. If something just doesn’t seem right, do not open the email, and if you question it’s legitimacy, verify with the sender over the phone or in person, if possible. If it seems too good to be true, chances are it is.

 

I got hit with ransomware, what do I do now?

If you are infected with ransomware, the best thing to do is power down the machine immediately.  If the virus hasn’t encrypted all your data yet, this is the best way to stop it from finishing. The next step is bringing the machine in to a professional, like Dijital Majik, to get it cleaned and the ransomware removed.

 

What are the steps to recovering from ransomware?

The first thing that has to be done is cleaning the machine or machines that were infected, and removing the ransomware. After that it is looking for and patching any security holes that may have been used to get the ransomware on the system. After making sure all the security holes are patched and everything is up to date, then it is onto dealing with the data, if you have backups this step can be quick and less painful, but with a lack of backups then this step to be can be very timely and costly. Without a good backup solution, there is no guarantee you will get all if any of your data back.

 

Regardless of any situation, whether you are an individual or a business, recovering from a ransomware infection is a process and will take time, but with armed with some knowledge as discussed above, it can be less painful.

 

If you find yourself dealing with ransomware, the professionals at Dijital Majik Computers in St Cloud, MN are here to help.