What does ransomware mean
The term ransomware describes malware which attempts to make a victim pay to resolve a problem it has created. Depending on the form of ransomware, this may be pure intimidation or it may mean that you actually have a serious issue with which you need to deal.
Scareware is pure trickery. It preys on ignorance and fear. The classic scareware scam is a message popping up on your screen saying that your computer has been infected with malware (true) and that you need to contact a technical support line for assistance to resolve the issue (not true).
The people behind these messages are flat out scammers and they are the last people you want to have your phone number and card details. Ignore the messages and install an anti-malware program. Have it scan your computer and follow its instructions.
Lockware is more of a nuisance than scareware because it locks you out of your PC. It is, however, generally still fairly easy to manage. Usually, you can just boot into safe mode (with command prompt) restore to a previous time point and then install an anti-malware program. Have it scan your computer just to be on the safe side.
Encryption ransomware is the form of ransomware which tends to make the headlines. It encrypts files and demands a ransom for their release. The big problem with encryption ransomware is that getting rid of the ransomware itself does not solve the problem of the encrypted files.
Dealing with encryption ransomware
Getting rid of the ransomware itself is generally easy enough. Just install a reputable anti-malware program and have it scan the device. Follow any instructions it gives. Dealing with the encrypted files is also easy enough as long as you have a backup. If you don’t then you will have to hope that luck is on your side and that there is a decryption tool available online.
Use a ransomware identifier tool to analyze the ransom note and the sample files which are generally sent with it. Hopefully, it will come back with a match. Your next step is to see if there is a decryption tool that might be able to decrypt your files and, if there is, test it to see if it works.
Resist the temptation to get too excited about potential success until you see the results. Be very aware that one of the major problems with ransomware is that the money it makes from victims who pay up allows its creators to keep updating it. This means that tools to combat it in any way become obsolete very quickly.
Preventing ransomware attacks
You need to invest in a decent anti-malware program with an integrated firewall. You also need to ensure that your operating system(s) and any downloadable software you use are both updated promptly.
Just implementing this should go a long way towards protecting against ransomware, but you don’t want to bank on your luck. In other words, you need to exercise caution when surfing the internet and downloading email attachments.
The reason for this is that no anti-malware program can ever guarantee 100% protection, especially not against a threat like ransomware, which is in a continual state of development and redevelopment.
For this reason, organizations may have to walk back the extent to which they allow employees to use the company internet for personal business. This has become increasingly common over the years and it’s probably fair to say that, in principle, most companies are fine with it.
The problem is that, in practice, the more people use the internet, the more at risk a company becomes. It may, therefore, be best to restrict “social” internet usage to a limited number of “safe” sites, especially useful ones such as internet banking sites.
The importance of an effective backup process
Please click here now to start your free 30-day trial of Xcitium AEP.
Endpoint Detection and Response