What is Ransomware

As if real terrorist attacks, arena bombings and suicide missions were not enough, we have yet another global threat coming, spreading its cyber attack throughout the whole world.

How Ransomware works

There are two types of ransomware, the one that locks the screen system, preventing users from entering their PCs.

Though scary as it may seem, this is a lesser of two evils, as the problem is sometimes not so difficult to solve.

Most screens get unlocked when rebooting of the computer is done.

The user needs to enter rstrui.exe to a safe mode with command prompt.

On a list restore points, the users need to choose a day prior to when the virus infected their computers.

That should be enough! This is a first aid kit, allowing any IT amateur to get their PCs running.

In case rebooting is not enough, the users can simply take their computers to the IT experts.

For them, this should be a piece of cake. 

The scarier, more modern, advanced type of this malicious software comes in the form of a cryptoviral extortion virus, encrypting computer data and overwriting hard drives so that rebooting option becomes impossible. 

The recent ransomware of this type comes in the form of Petya, or better to say a new version of Petya, that cyber attacked so many companies, including Mondalez,

Maersk  and DLA Piper.

Luckily for many of them, they had a recent back-up which enabled them to recover some of the files.

For the rest, they were left to either pay the asked ransom of up to $500 per computer in Bitcoins, or lose all their files. 

Prior to Petya, there was another cyber attack, the WannaCry ransomware, which managed to infect 230000 PCs in 150 different countries in just one day with the Deutsche Bahn (state railways in Germany) and National Health Services in UK being among those who suffered the consequences of the cyber attack the most. 

WannaCry targeted all the computers through Microsoft Windows operating system, or better to say through a glitch in Windows that though corrected through a software update in March this year, many of the computers had it, as they did not update their versions of Windows.

How Ransomware spreads

One of the easiest ways cyber criminals found to spread ransomware is through spam email campaigns, containing either a malicious link or an attachment.

The second is, as with WannaCry, exploiting the vulnerability of the software, showing just how super smart these newer version of ransomware are. 

The third one is through legit websites that are not even aware of the malicious code injected in their website.

And on the other hand, there are websites fully aware of the virus; in fact, they are the ones that incorporated it in their site, so that they can earn some percentage anytime their users pay ransom, so called ransomware-as-a-service.

Whereas, for the mobile device users, ransomware might come in the form of an SMS message.

The scariest way by far is through self-propagation, spreading the virus from one infected computer to another at lightning speed, which is exactly how WannaCry managed to infect so many computers in such a short period.

How you know if Ransomware infected your computer

After the ransomware infects a computer, there is a message on the scream, demanding anywhere from $300 to $500 per computer to be paid in Bitcoins at a given Bitcoin address.

Next to the ransom request, there is also a warning that unless the money is paid within three days, the price will be doubled.

Furthermore, if the ransom is not paid in a week, the files will be forever lost according to the Ransomware message. 

Protecting your PCs from Ransomware

So how can the users protect ‘their precious’ when a Petya/ WannaCry is just a click away?

The best way to keep the files intact is to actually have a back-up in a completely separate system, such as an external hard drive, the one that is not connected to the Internet. 

This will enable the users to keep all their information safe from the cyber criminals.

Some great advice would also be to keep an eye on any sketchy websites, suspicious emails and unverified apps, and try to avoid opening/downloading them.

This goes without saying, but a great anti-virus program can go a long way when it comes to detecting malware, including ransomware.

And the one thing that most people just keep forgetting is to update.

Installing updates as soon as they are available minimizes the chance for ransomware to exploit the vulnerability found in systems.