Understanding Ransomware – How Does it Work?
In recent years, a new form of cyberattack has become hugely popular, and it’s a worrying trend, since there is very little that can be done to mitigate the effects one it’s already hit. Ransomware preys on the fact that the most valuable thing in a computer is the data itself, and it attempts to make it unrecoverable in order to force you to pay money – a ransom, hence the name.
Once ransomware hits your computer, you won’t know immediately. It will sit quietly in the background, analyzing your hard drive and not making its presence known. Once it’s ready to strike, it will go through any files it deems important – pictures, documents, music, executables, large files – and it will encrypt them. This means locking the files with a password, making it unable to access them without it.
And no, this isn’t as simple as a screen that asks you to type in a password and locks the interface behind it – encryption means that you absolutely cannot access your data without the original password, no matter what you do. Even reinstalling your operating system will get you nowhere. Don’t bother trying to guess the code either – it’s generated randomly from a string of letters and numbers and will take thousands of years for even the fastest computer on Earth to crack.
To make matters worse, there is often a time limit involved. Once the ransomware makes its presence known, it will display a message on your screen asking you to purchase some sort of disposable voucher and enter its code on your computer. The good news is that the people running these schemes actually seem to be good for their word, at least – paying does often get you your data back. But that’s not because of any good intentions, it’s simply clever business – if it came to light that paying does nothing, people would simply not pay at all.
How can I stop it?
If you’ve already been hit by ransomware, bad news – you’re most probably out of luck, at least if it’s a recent version. There’s a slim chance that your particular ransomware version is an older one that’s been cracked. There are sites on the Internet that can help you with this – all it takes is to upload one small encrypted file. The site will then analyze the structure of the file and tell you if it corresponds to the way any known “weak” ransomware viruses encrypt their data. If you’re lucky there, you may be able to get a working decryption key for free.
Otherwise, it mostly comes down to preventing the problem in the first place. Keep your antivirus up to date, don’t click on any suspicious links, and be careful with what you’re downloading. Once you’ve let ransomware into your system there’s not much you can do to fix the situation, and you’ll need to make sure that this doesn’t happen in the first place. If you’re not sure about proper security practices, now is a good time to sit down and educate yourself.