What Is Ransomware?
Following the big WannaCry incident in May, a review into ransomware seemed appropriate. So, what is ransomware? It is a category of malicious software that will kidnap your data, then block and restrict all access to your computer or files, effectively holding them to ransom. Some ransomware might ask for money or the popular Bitcoin cyber currency. If you don’t comply with its terms, you’ll either lose access to your data or it might even get published on the internet.
Ransomware is usually carried out through a Trojan, which carries the infected file within. Once it’s in, the program starts its attack and starts encrypting your computer and finally letting you know its demands. Only when the attacker’s instructions and demands have been met, would you receive the decryption key from the attacker?
What is WannaCry?
WannaCry is the latest ransomware to take the global stage, hitting computers in over 150 countries. It targets Microsoft Windows operating systems and encrypts your data with a demand for Bitcoin. The malware was able to spread across local networks and the internet, penetrating systems that have not been updated with the latest security updates. It is said that in fact the vulnerability had been detected by the U.S. National Service Agency, but had kept it secret until the information was leaked by a hacker group called ‘‘The Shadow Brokers”. With the information available to Microsoft, a security update was quickly produced, even for older operating systems that were no longer officially supported. After the initial attacks, a web security researcher discovered a way to stop the spread of the ransomware by registering a domain name in the code of the WannaCry. This slowed the spread of WannaCry, but newer versions of it had quickly come out to circumvent any preventive efforts made.
How to protect yourself?
Gathering advice from different security experts, we have consolidated a few ways to protect yourself from WannaCry or other ransomware on the internet.
- Make sure all your devices are always up to date with the latest patches for operating systems, software and firmware.
- Scan all your incoming and outgoing e-mails to detect threats and filter executable files from reaching end users.
Schedule anti-virus and anti-malware programs to automatically conduct regular scans.
Backup your data regularly and make sure they are in good condition and prepared to be restored at any time.
If a device has been infected, instantly remove it from any networks it’s currently connected to and vice versa.
Power off any affected device that has not been completely corrupted as this may open a window for you to recover any lost data and to prevent any further corruption.