More on Ransomware

By on August 9th, 2017 in cybersecurity, Security

How does Ransomware Work?

As the name implies, ransomware works like a kidnapper, unfortunately it is your data being held captive.

Once your computer(s) is infected, the attack can do a few things. Your files are encrypted or converted into a different language for which only the hacker has the decryption key. Often, you won’ t even know you’ve been infected until you try to open a file, which is quite distressing.

Another, more damaging version is what happened with the recent attacks, the ransomware locks the user out of their entire system, and holds their data and system captive.

During the attack, computer screens showed a message demanding $600 in bitcoin in exchange for the decryption key that would unlock the user’s data.

wannacry ransomeware
A Wannacry ransomeware screen

Victims had three days to pay before the fee was doubled.  The hospitals ended up paying about $20,000. The hackers set up a help line to answer questions about paying the ransom (how kind of them).

This attack relies on something called the Wanna Decryptor, also known as WannaCry or WCRY.

These kinds of attacks are really hard to catch, because hackers are always improving, updating and changing them. The Wanna Decryptor being used is evolving.

How Could This Happen?

Plenty of ways. Hackers can get ransomware on your system if you download an infected piece of software or a PDF. The nasty folk can also use a phishing email to direct you to an infected website.

In the hospital case, hackers sent a zip file attachment in an email. When victims clicked on it, their computers were infected, but the attack didn’t stop there. The ransomware spread through the hospitals’ and businesses’ computer networks.

“Once you get a foothold in the system, other users will start to run those pieces of software,” explained Clifford Neuman , who directs the University of Southern California’s Center for Computer Systems Security.

How to Stop This?

First, back up your hard drive. You should be keeping frequent backups anyway, in case your computer dies or your disk implodes. If your computer gets hacked, you’ ll be able to retrieve your data without paying any ransom.

If you run a business, back up every computer in your office and have a plan for what to do if your system goes down for a while. Be smart about setting up your network (or hire someone who is smart to design it for you), so that most users don’ t have complete access to the system. It would also be a good idea to have an off-site place where you can store backups, in case of fires and such.

These ideas make it harder for a ransomware attack to infect all of your data. Make sure your users understand about the common kinds of attacks. Education could save your bacon in this case.

Avi Rubin, a Johns Hopkins professor who studies computer hacking, has one other piece of advice: If you or your business get attacked, don’t pay.

“You’re funding the bad guys and giving more incentive, ” he said. You also don’t know whether your files will really be restored.

Here is Avi’s Ted Talk about how vulnerable your systems are:

Advertisements

About Author:

One thought on “More on Ransomware

What do you think?