What is ransomware?
Ransomware is a catch-all term for any software application that, upon installation on your computer, tablet or smartphone that encrypts the files within and then demands payment for the unlocking key to re-enable access to those files.
It’s ransomware because it’s software that holds your files to ransom. They haven’t quite been kidnapped, but they have been locked away behind an effectively impenetrable encryption layer, often with a heavy time element that threatens outright deletion if a ransom isn’t paid by a set time.
The encryption used is of a high enough level that you’ve effectively got no chance of guessing the unlock key, which is often a very long string of numbers, letters and other computer characters.
How does ransomware spread?
Cyber criminals can use a variety of methods to spread ransomware.
Here’s some of the common ways that ransomware can make its way to your devices:
- Compromised websites or dodgy downloads: That “free” copy of an expensive software application might not be as free and innocent as it seems. Depending on your computer and browser’s setup, and the sites you’re visiting, just going to some URLs can be enough if you’re not careful.
- Dodgy attachments: The payload of some email attachments won’t always be bills you must pay or files you have to open. They can include links to the same compromised sites mentioned above, or contain the ransomware payload themselves.
- Social media links: That highly attractive stranger who wants you to view their “private” photos by clicking on a link? Instantly suspicious, as is any URL link obscured behind a URL shortener or leading to a previously unknown to you web site.
- Phishing attacks: Received an email from “the authorities” saying your computer is compromised and you need to install their special software or face jail time? Yeah, that’s not a legitimate thing in any way shape or form, but it is a high-pressure way to try to trick you into installing ransomware on your systems. The same is true for those dodgy phone calls you may have received telling you that your computer is infected claiming to be from Microsoft, Google, Telstra or others. They’ll try to get you to install applications that they claim will help clean up your system, but the reverse is the case. Hang up on those calls, every time.
How big a problem is ransomware in Australia?
There’s obviously a slight problem in reporting around criminal activities, because criminals rarely advertise their exploits all that widely, and in some cases victims may not report their individual cases.
However it’s absolutely fair to say that it’s a substantial problem any way you count it. The Australian Government’s Cyber Security Centre, the ACSC reported over 65,700 cybercrime reports over the 2020-2021 financial year, with ransomware a key part of those figures, growing by around 15 percent per year.
Ransomware doesn’t just cost money, either, with many instances impacting the deliveries of goods or services, including health services, because recovery takes time that those businesses would otherwise be using to engage in their regular daily activities.
How can I tell if my device has been infected with ransomware?
Typically, because your computer or other device has locked up with a screen demanding money, because that’s the entire business model of ransomware cyber criminals.
It is vital to note that even this fear can be exploited in cruel ways. If you’re browsing the web and you get a small pop-up window or web page telling you your computer “has viruses”, that’s not the same as ransomware.
That’s a phishing attempt in itself, trying either to sell you (generally useless) anti-virus software or trying to trick you into installing malware, including ransomware on your system. If you get that kind of message, close it down completely, run reputable AV software over your system and carry on.
The defining characteristic of ransomware is that by the time you see the ransomware message, it’s already effectively too late because you’ll be locked out of your entire system, not just parts of it.
So, should I pay the ransomware fee?
No, you shouldn’t.
The ACSC warns against paying ransomware fees, which are typically demanded in cryptocurrencies or other hard to track or hard to recover funds systems. You’re funding criminals for a start, but also once you’ve paid all you’ve really done is tell the criminals that you’re willing to pay to get your files back… so they’re more incentivised to get you to pay again.
How can I protect against ransomware?
There are a few key steps to take to minimise the risks of ransomware hitting your systems, and one absolutely vital step that can largely eliminate its sting that you should be doing anyway.
A lot of ransomware works around flaws in operating systems and application software.
One key way to keep yourself safer is to ensure that you’re running the latest updates, patches and versions of your computer’s operating systems and key applications.
Microsoft’s Windows and Apple’s macOS are both pretty good at pushing out important security updates, but it’s always worth checking if you’re fully up to date. On Windows systems, click on the start button and search for “Windows Update” to open up the update system. For Macs, click the Apple icon in the top left, then “About This Mac” and then “Software Update” to check if you’re staying current.
Antivirus software can also play a part, checking attachments in emails for dodgy payloads before you even get a chance to click on them, as well as warning you before engaging in online behaviour that could allow ransomware to wind its way into your systems.
It’s also worth enabling multi-factor authentication on as many services and accounts as you can. That’s generally good security advice anyway, but in the context of ransomware if an application needs more than just simple access to start doing its malicious work you may be able to stop a ransomware attack in its tracks.
Another factor is to use your brain. Yes, that pink glob inside your skull can be a key weapon in the fight against ransomware, because smartly checking the destination of URL links by hovering your mouse over them, or considering if a message you get with a link or attachment is legit can often save you from a world of hurt.
All of these steps are good and wise and you totally should follow them, whether you’re simply protecting your family photos on your home PC or running a business with multiple computers and stores of data. However, there’s another step that trumps them all and could be vital in the unfortunate event of a ransomware attack on your computer or other devices.
That’s backup, making copies of your personal and vital files on a regular basis, preferably daily. This could be local backup to a server, hard drive or removeable media, or cloud backup – or ideally, both solutions at once.
Backup is dull, but it works so well against ransomware for a very simple reason. If you do find your computer locked down, you won’t be able to access your files, but it’s generally quite possible to wipe the entire system and start afresh. This gets you a working computer or other device back up and running… but your files are gone.
That’s where backup becomes your new best friend, because if you’ve got a drive to hand or a cloud repository of your files, you can then recreate as much of your personal data as you’ve got properly backed up.
This will take some time, especially from a cloud backup, but it’s way better than losing days, weeks, months or even your entire business to ransomware – or your precious irreplaceable family documents such as photos too.
Do you need help backing up your data? Geeks2U can do it for you! Our Data Backup and Transfer Service will help to keep your data protect from cybersecurity threats and hardware failure. Call us today before it’s too late!