According to recent news on the BBC more than 4000 people have had their computers infected with ransomware, with over £4.5 million paid out to cyber criminals.
Paul Mitchell, from FixMeStick, a company that helps individuals and companies remove viruses and malware, comments on the rise in this form of computer malware.
When it comes to computer viruses, ransomware is one of the scariest. A relatively new type of online threat, ransomware poses a potentially devastating threat to both companies and individual users alike.
What does ransomware do?
Ransomware is a type of computer virus that holds your computer and its data ransom until you pay the creators of the virus to unlock your files. Simply removing the virus is not an option since the ransomware holds your computer hostage and encrypts your personal files. Reading the encrypted files requires a secret password or code. This basically forces the computer user to comply with the ransomware’s demands and pay the requested amount, but there is never a guarantee paying will unlock your files. Often these ransom message will appear to come from the police, the FBI or other reputable sources, but none of these bodies would ever lock up a PC and encrypt your files.
How does ransomware spread?
Ransomware started its initial massive spread, like many other online threats, through emails. Hackers are able to quickly alter the code of ransomware to make it undetectable by anti-virus software that relies on recognizing known variants. This malware most typically spreads through email attachments and ads place on websites that are not secure (be careful of sketchy looking websites).
How to prevent infection
Never open emails from unknown senders. You never know what could be inside. If you do receive an email from someone you trust but the contents seem strange, or you are unsure of the attachment, it’s best not to open the attachment. You can always ask the sender if they actually sent the email.
Keeping a good antivirus active and up-to-date on your PC can help prevent a ransomware attack. Ransomware, like other viruses, often look for vulnerabilities in software that they can exploit and then infect your entire PC. This is why it is important to keep your operating system and other programs (such as web browsers) updated. This is always the most prudent way to stay safe.
What if ransomware makes it onto your PC?
The ransomware virus can be removed, but this does not solve the issue because it encrypts your files and makes them inaccessible. Some variants of ransomware have been “solved” and it’s worth a Google to see if there is a decryption tool available, but most variants of ransomware remain unsolved. In these cases the only way to decrypt the files is to pay the ransom. However, paying up does not guarantee decryption and will almost certainly mark you as a good target for future attack!
The best defense against ransomware is to back up all your files. Backing up your files creates copies of all your important data and documents elsewhere, where they are safe. This process would allow you to clean your computer of the ransomware virus, delete the encrypted files, and replace them with their copies that you made on your back up! A backup can be created on an external hard drive or on a cloud based back up service. Both types of external backup have their merits.
External hard drive
External hard drives offer a quick and easy solution to your backup question. They are fairly affordable, and involves a one time payment, compared to cloud storage, which is often subscription-based. The best feature of an external drive is that it stores your files offline, leaving you with a secure backup of all your files. IMPORTANT: If you’re going to make a backup, make sure you scan your files for infections first, so you don’t just copy ransomware onto your hard drive!
Cloud storage systems
Cloud storage backup systems offer the same effect as external hard drives in the sense that your personal files are stored outside your PC. However, there have been cases where ransomware has gained access to cloud storage and caused problems. If you choose to use cloud storage, you should check with them about what measures are in place to protect against ransomware. Cloud storage does offer its own unique benefits. For one, your files can be accessed anywhere, anytime. Simply log into your cloud storage and download that file, anywhere in the world. Many cloud storage systems also offer shared folders. This means that you can decide to share a specific folder with many users. This can be good for collaborative work projects or for family members sharing photographs.
While online cloud storage can be free for a (relatively small) limited space, when you need more space, you will need to pay. Some websites require you to pay on-going subscriptions. File transfer using cloud storage can also be slow when transferring large files or if your internet connection is slow. Lastly, though all cloud services encrypt your files in a secure way, security breaches are possible.
Both hard drives and online cloud storage are viable ways to back up your files and therefore offer you a way to free yourself from the ransomware’s clutches!
One way to Remove malware
As already mentioned, keeping a good antivirus active and up-to-date on your PC can help prevent a ransomware attack. But what happens when this antivirus software is circumnavigated by malware. Often when a PC/laptop is infected with malware and spyware it runs much slower than normal. A device such as The FixMeStick removes infections that have sneaked past your anti-virus protection.
When you plug it in the first thing the FixMeStick does is to download the latest virus updates from the world’s leading antivirus software suppliers. The FixMeStick then starts its built-in multi-scanner and when it has finished scanning the computer’s files, you click 'Clean'. Your computer will restart, clean from infections. You can then delete or quarantine infected files. So long as you have done regular backups the infected files which have now been removed, can then be restored from the backup.