One of the growing cyber threats that got a lot of attention last year was ransomware with a variety of high profile victims.
What is it?
Ransomware is a computer malware that installs itself covertly on a computer, carries out an attack that encrypts the files on that computer and then demands a ransom payment to decrypt the files for the user to regain access to them.
Typically, the ransomware could be bundled with legitimate software much like a Trojan horse. Often times the Trojan installs some form of scareware that claims the victim’s machine is at risk or has been found hosting illegal content.
The end result is eventually to coerce the victim into paying for the decryption key in order to gain access to his files.
How would I get infected?
There are 2 main ways ransomware spreads itself. A compromised website that contains the payload or a simple email with a malicious attachment.
What should I do to avoid it?
- Website URLs to ensure they actually point to the site you are looking for i.e. g00gle.com instead of google.com or te1egraph.com instead of telegraph.com.
- Emails that are faking or forcing urgency.
- Offer prizes or some sort of reward for clicking or downloading something.
- Ask you to provide passwords or login to sites in order to give you access to something.
- Emails that have poor grammar or spelling.
- Emails that originate from a certain address but tell you to reply to another one.
Other general security tips include:
- Backup backup backup! Take regular backups and keep recent copies off-line at the very least if not offsite. A backup on another partition on the same drive would not help much.
- Don’t enable macros in office documents received by email. A lot of times the malware is embedded into a document that you unknowingly opened and ran!
- Be careful with attachments from dubious sources. If you don’t know it, don’t open it!
- Apply software patches. Regularly applying patches means your software is up-to-date and has lower chances of containing bugs or loopholes that could be exploited.