What is ransomware, and why has it become the hot, new way for hackers to make money online from you?  In this article, we will tell you what ransomware is and provide you with simple steps you can take to protect your computer and devices from ransomware attacks.

What is Ransomware

As Internet users have become more knowledgeable about protecting themselves from various online scams such as phishing attacks, hackers have developed new methods for making money.  One of these new methods is ransomware.

Simply, ransomware is a type of malware that locks some or all of files on your computer or device so that you can’t access them.  Hackers then offer to unlock the files for you – at a price.

Imagine all of the data on your computer or mobile device.  That Quicken file that holds all of your financial transactions since college, or all of the family photos you’ve scanned and put on your computer.  Or perhaps the book you’ve taken five years to write in Microsoft Word. Now, imagine all of those files are gone in an instant. And you can’t get them back.

Once your files are locked, ransomware attackers will contact you and offer to unlock your files for a fee.  They will appeal to your fear of losing your files – for example, they might set a time limit for payment before they delete your files. Or, the attackers may threaten to take certain files such as pictures, and send them to all of your contacts.

To make matters worse for you, most ransomware attacks will force you to pay using a cryptocurrency.  Cryptocurrencies offer anonymous transactions, thus protecting the attacker from being identified by authorities.

And, if you do end up paying the hackers, there’s no guarantee they will unlock your files, or worse yet, that you won’t be the victim of another ransomware attack.  And in some cases, the attack destroys the data on your computer or device – making it unrecoverable even if you do pay the ransom.

Ransomware Attacks on the Rise

Ransomware attacks are on the rise as they offer greater financial incentives to attackers.  A study published by IBM in 2016 estimated that individual victims of ransomware attacks paid hackers $300 on average to unlock their data.

This same IBM study estimated that ransomware attacks rose 6,000% between 2015 and 2016.

And individuals aren’t the only victims.  Businesses are victims as well. The IBM study went on to say that 70% of businesses paid attackers to retrieve data, paying on average close to $20,000 per attack.

For ransomware attackers, businesses are a prime target.  In 2016, over 16 hospitals worldwide were victims of ransomware attacks.  And, in 2017, in one of the largest ransomware attacks yet, the WannaCry ransomware attack affected over 200,000 devices across 150 countries, affecting many large companies.

WannaCry: A Case Study of How You Can Become the Victim of a Ransomware Attack

The WannaCry attack can be used as a case study to understand the threats to you from such an attack.

The WannaCry attack took advantage of security vulnerabilities in the Microsoft Windows operating system.  Although Microsoft had patched these vulnerabilities in April, 2017, by the time the attack started in May of 2017, hundreds of thousands of computers worldwide had still not applied the patches.

Once a computer was infected by the WannaCry attack, the attack would lock files on the computer and then attempt to infect any other machine it could connect to on the local network.  This means that if your computer was connected to a network with an infected computer, your computer could have been subject to the attack.

Individuals weren’t the only victims of the WannaCry attack.  Large companies such as Renault, Nissan, Fedex and Spain’s Telefonica were also victims of the attack.

In the end, the WannaCry ransomware attack was stopped due to weaknesses the hackers had made in coding the attack.  Security professionals were able to use these weaknesses to stop the spread of the attack. Even so, estimates of the cumulative dollar amount of losses caused by the WannaCry attack ranged from hundreds of millions of dollars to $4B.

Recent Ransomware Attacks

As bad as the WannaCry ransomware attack was, it’s just one of many attacks that have occurred over the past few years.

In 2016, a the Simplelocker ransomware attack was one of the first attacks to target Android devices.  The attack was spread through infected applications users downloaded onto their phone.  Once installed, Simplelocker then proceeded to encrypt files on the phone. Certain versions of the attack would intimidate users by accessing the phone’s camera to display photos of the victim.

Also in 2016, the Petya ransomware attack was launched, targeting Windows OS.  The attack was spread via email phishing. The emails looked like they were coming from someone seeking a job at the company targeted.  The email included a link that, once clicked, caused the Petya attack to start encrypting files on the victim’s machine. The hackers who developed Petya then offered the ransomware for sale as a service – known as Ransomware-as-a-Service (RaaS).  If you were interested in spreading a ransomware attack, all you needed to do was signup with their affiliates program, pay a fee and begin your attack.

Various versions of the Petya ransomware were released through 2017, with names such as GoldenEye, NotPetya, and PetrWrap.  Analysis of the Petya/NotPetya ransomware determined that the primary purpose of the attack was to destroy data. Once the attack took place on your computer, the data would become unrecoverable – whether or not you paid the ransom.

In 2017, the LeakerLocker ransomware attack targeted Android devices. The ransomware was was delivered via infected apps downloaded from the Google Play store. Once infected, the ransomware would threaten to send pictures, text messages and browser history from the device to contacts found on the phone unless a $50 ransom was paid.

What these attack show is that the attackers are using ever more clever ways in trying to trick you into becoming a victim of an attack.

Backups: The Most Effective Way to Protect Yourself from a Ransomware Attack

One of the most effective ways to protect your computer from a ransomware attack is to backup all of your critical files.  Specifically, you will want a backup that predates the attack.

You can backup files on your computer manually, to an external hard drive, but realize that ransomware attacks scan all of the hard drives connected to your computer and lock files on them to make them inaccessible to you.  If your external hard drive is connected to your computer at the time of the attack, the backups themselves may become locked.

Another downside to manually backing up your files is remembering to do it on a timely basis so that the backups have the latest data.  A backup of your Quicken file that is two years old may not be useful to you.

Because manual backups to an external hard drive can be subject to an attack, and because it’s hard to remember to backup your data on a timely basis, here at YouDefense.com we recommend using an online backup solution.

Online backup solutions install software on your computer, and backup either the whole computer or files you specify to the cloud.  In addition, they keep older copies of your files so that you can restore them from a certain point in time. If you become a victim of a ransomware attack, you would then be able to restore data from before the attack.

While there are other ways to protect your data (we list them below), such as using anti-virus software, onlines backups are the best way to protect your data in case of an attack.  If, for example, your anti-virus software fails to protect you from a ransomware attack, online backups provide you with a way to restore your unlocked files.

In addition to providing protection in case of a ransomware attack, backing up your computer or device online provides other benefits as well.  For example, if your computer or device is damaged beyond repair, having an online backup will allow you to recover any files that had been on your computer or device before it was damaged.

When looking for an online backup solution, you will want to look for the following:

• What security does the online solution have to protect your data
• Does the solution support your computer’s OS, i.e. Microsoft Windows, Apple macOS, etc.
• How long does the solution save your data.
• Are there any size limits on the amount of data that is backed up.
• Does the solution automatically backup files when they have changed.

Here at YouDefense.com, we recommend Carbonite as your backup solution for your computer.  Carbonite’s basic personal cloud protection offers no backup size limitations, 128-bit encryption of your backups and automatically backups files when they change.  In addition, Carbonite has mobile applications that allow you to access all of the files in your backup from your mobile phone.

Other Steps You Can Take to Avoid Becoming a Victim of a Ransomware Attack

The WannaCry attack happened to affect only computer running the Microsoft Windows operating systems.  But all computers or devices can be a target of a ransomware attack. For example, in the first half of 2017, TrendMicro detected 235,000 instances of Android ransomware.  Ransomware attacks are on the rise, but there are simple steps you can take to avoid becoming a victim.

Here at YouDefense.com, we suggest the following steps to guard against becoming a victim of a ransomware attack:

• • Use an online backup service – we recommend Carbonite as your online backup solution.
  • Apply all security updates to your computer or mobile device in a timely manner.  Microsoft, Apple, and Google push out frequent updates to their OSs with the latest security patches.
  • Beware of email scams or phishing attacks, such as the attacks we documented in our article Apple Email Scams Now Rampant: 3 Keys to Avoid the Attacks.  Be suspicious of any emails or text messages that contain attachments or links to websites.  Phishing attacks are one of the primary ways attackers use to get you to install ransomware on your computer or device.
  • Use security software that incorporates behavioral scanning to detect threats.  Software, such as Malwarebytes Anti-Malware, detect threats based on what the ransomware is doing rather than just scanning for static signatures.
  • Consider using a VPN that includes antivirus scanning – see our article What is a VPN – 5 Reasons You Must Use a VPN to Prevent Identity Theft and Protect Your Internet Privacy

Following these simple steps can help you avoid becoming the victim of a ransomware attack.

How to Remove Ransomware

The good news is, some ransomware can be removed using tools such as antivirus or anti-malware tools.  The bad news is, the only way to remove some ransomware is to pay the ransom – but, as noted above, you may or may not get your data back.

Since each ransomware attack is unique, there is no one way to remove all ransomware.  This is why we suggest the steps above to avoid becoming the victim of a ransomware attack in the first place.  But, if you do become a victim, head on over to the The New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) website.  Here, you’ll find the latest reports on ransomware, the effects in can have, and links to ways to remove the ransomware if possible.

Appreciate this info? Subscribe FREE right now ↓↓↓
so you don’t miss any of the most important tips to keep you safe online and in other areas of your life.

Right now you’ll also instantly get our new report, The Top 10 Threats You Face in 2018 ↓↓↓