Data Privacy

Guest post: What is Ransomware and how can I protect my system?

You may have seen this cyber threat in recent news with organisations being hit by a new wave of computer hacking that takes data and files for ransom. So what is ransomware? In simple terms this type of cyber hacking comes in the form of a virus designed to hold your files and data to ransom in turn for a sum of money. This type of virus like many others sees potential security vulnerabilities in your system and exploits them. This type of threat may trick you into installing the virus through software downloads or sending malicious links / files via email which when deployed, then proceeds to encrypt various data on a machine or even an entire hard drive. A warning will then popup on screen which will threaten the user to pay up to receive the decryption key otherwise after a specific period, their data will be deleted.

A computer virus that blackmails you

This type of computer virus has been more frequent in the past few years. The most well-known example in recent weeks saw the UK’s National Health Service get hit by the ransomware virus known as WannaCry but this was not an isolated incident, as organisations globally were attacked in a short space of time, which calls for everyone to be extra vigilant especially when downloading from unknown sources. For the most part, these ransomware viruses are hidden behind popular apps, which increase the chance of you clicking through to download. It’s not just PCs that have been affected by this cyber attack, hackers have become sophisticated in their techniques and warnings about mobile app downloads have been highlighted.

So how does ransomware work?

Like many cyber attacks, ransomware often comes from emails or conspicuous software updates. In these emails you’ll find a link or an attachment to open, be warned, as the damage starts in being opened. The ransomware soon gets to work encrypting your files and then locks the computer down, with a fee to retrieve everything.

How can I avoid a ransomware attack?

The message for anyone concerned about cyber attacks is to avoid opening anything suspicious or unexpected. Some emails can look very convincing, some often concealing the real sender, so be extra careful when clicking on links and attachments especially from sources that you do not know.

My system has been attacked is there anything I can do to avoid paying the ransom?

If you’ve been unlucky enough to open an email with the ransomware virus and you’ve proceeded to click a link or download an attachment, there may be some things you can do to retrieve your files before handing over any cash to the perpetrators. Firstly check your backups. This is especially important to companies as large amounts of data can fall quickly at the hands of the hackers with the potential of never being able to retrieve it. If your backup is recent and relevant, this can then be recovered. You may experience some downtime and a minor amount of data loss but this backup could be crucial in restoring as much of your original data as possible before the attack.

Another thing to remember is avoid paying the hackers. When you’re in panic mode and fears about your cyber security are running high, it may seem an easy option to pay them and get back the access to your system. This could potentially open you up to future threats as paying the hackers offers them an olive branch for future blackmailing. In some cases, all paying the hackers has done is let them know that you are willing to pay them to gain access back to your data and then they just increase their demands and just get as much as they can out of you.

So, can I decrypt my encrypted files?

It is strongly advised to see a professional expert in this field because attempting this yourself is a tricky procedure and if anything goes wrong, it could completely lock you out of your data for good.

How can I protect my system and data?

Back up

One of the first and most important things in preventing data loss in any circumstance is backing everything up. This should also be on a separate system and happen on a regular basis. A good location is onto an external hard drive that isn’t connected to the internet.

Be suspicious of emails, unfamiliar websites and mobile apps

This is another important prevention method that is communicated regularly. For ransomware to work, you need to download it, so be wary of any attachment or links in emails that you look suspicious and where you do not know the sender. For mobile, avoid downloading apps that haven’t be verified by an official store and be sure to read any reviews before installing on your phone.

Use decent and usually paid anti-virus software

This handy piece of software is a great prevention method when protecting your computer against a range of threats. Most antivirus programs are able to detect ransomware before downloading them and give you warnings about malicious websites before you start exploring them. Be warned though, a lot of ransomware can go undetected by free anti-virus software, it is worth investing in a decent anti-virus program that could save your business big-time in the long-run.

Install recommended updates on your computer

We all know the drill and that pesky message telling us to install the latest updates, well this is an important and easy way to keep your system updated with the latest security patches. It’s advisable to download them when they are available and for larger companies, this should be an important part of your system management to protect company data.