What is Ransomware
Ransomware is a specific type of computer malware typically in the form of a virus or trojan. When a computer is infected with ransomware, it blocks access to your data by encrypting it. Hackers then request a ransom and may threaten to publish or delete your data unless paid within a short time frame. After the ransom is paid, the data is usually returned via decryption although not always.
While not a new concept, ransomware came on strong in 2013 with CryptoLocker. Supposedly, the creators of CryptoLocker earned around US$27 million. With that kind of money being made, even illegally, ransomware quickly became a way to get rich. This problem isn't going away anytime soon.
Untraceable currency in the form of a cryptocurrency like Bitcoin has made the scheme far less risky for the perpatrators.
User-friendly website services have sprung up that allow anyone to create and distribute ransomware and even help collect the money!
Protect Yourself from Ransomware
The following steps are meant to reduce the likelihood of getting infected with ransomware and recover from a successful attack.
- Backup your data regularly and keep backups off the network or inaccessable from users
- Keep your computers patched and updated
- Use anti-virus software
- Use a firewall that includes malware detection
- Don't run your computer using administrator-level credentials
- Use security to limit user's access only to the folders and files they need
- Test your disaster recovery plan