Ransomware is a form of malware and is engineered to infect your personal computer and restrict access in some way, while demanding payment or ransom to remove the restriction. First identified in 1989 under the name of PC Cyborg, today there are over 250,000 versions of Ransomware. The demand for money is often requested to be paid through an online payment service or other untraceable methods. Today’s most effective Ransomware is spread through email attachments or compromised websites you visit. A steady stream of Ransomware activity occurs every day, with each version becoming more sophisticated. Recent exploits have been engineered against major employers including hospitals and financial institutions, as well as your personal home computer. Another interesting statistic identifies 75% of all companies infected by Ransomware are not able to access digital data for two days, while 32% of this group could not access their data for more than five days.
What can we do against all of these attacks, without becoming an expert in cybersecurity? First, document sensitive information or items you have on your personal computer and understand how critical these files are to you and your family. It’s important to protect tax files, financial information, emails, family pictures, legal contracts and email attachments. Remember, if you are the victim of Ransomware the files will be encrypted and only available if you purchase the key to unlock them. The best solution to prevent losing these files is backing up your personal computer. If you have to do a restore, make sure you understand when
the Ransomware compromised your computer. Additional defenses against Ransomware are the same as other virus protection practices:
• Use an antivirus product and keep it updated.
• Avoid running or opening any file that you receive unexpectedly or you don’t know who sent the file.
• Be alert and aware of files you download before running them.
• Keep all software applications updated and patch your computer’s Operating System daily.
If your personal computer browser informs you it is encrypted by the FBI, also known as FBI Ransomware, the browser displays a legitimate looking page informing you that all files have been encrypted and all activity recorded – known as a lock-screen virus. There are several other types of Ransomware which create a similar reaction. If you have control of the keyboard, complete a force shutdown of the browser. If the PC appears locked, disconnect the power cord or power down the computer, which should clear the malware application from memory. Once you turn the computer on, do a full scan of the PC with your virus software to identify any residue from the malware.
If you think you’ve been a victim of Ransomware, visit the Department of Homeland Security’s U.S. Computer Emergency Readiness Team (CERT) CryptoLocker webpage for remediation information. Please file a complaint at ic3.gov and read the instructions carefully. Additional Ransomware information can also be found at https://www.us-cert.gov/ncas/ alerts/TA16-091A.