When you’re using the Internet, there is seemingly an endless cascade of things you need to avoid. Viruses, malware, Trojans, hackers, phishing… there’s so much to consider, and you may not even understand half the things you’re supposed to be worried about. One of these potential threats is ransomware. But what is it? And how do you deal with ransomware if you’re on the wrong end of it?
Ransomware is actually a type of malware, with the detail that its goal is to get information or access to your computer, and release it back to you in exchange for a ransom. For example, a bad actor could get control of an organization’s network, and in turn, hold control of the network (and possibly the data on it) ransom unless you pay them a certain amount. Often, ransomware will have a countdown clock, intended to create fear that they may act if the countdown hits zero. This could be a meaningless timer meant to create anxiety, or it could be a legitimate timer. Either way, it’s an effective strategy to exploit their victims.
What are Common Types of Ransomware?
While there is a general idea of what ransomware is, there are variants on how ransomware can manifest. The most common variant of ransomware is an encryptor, causing your data to be locked, and only unlockable via a decryption key. A more significant lock is the locker, which locks your entire system, with similar instructions demanded of you. These scammers may also send doxware or leakware, which is essentially intended to convey the threat that, if a payment is not made, the information will be released. This may be personal skeletons in one’s closet, it may be private information about an organization, or it may be them bluffing and not having anything to leak.
A more roundabout type of ransomware is one that doesn’t actually affect your files, it just winds up being annoying. It may make false claims that you have a virus on your computer and need to pay to have it removed, and may put obstructive pop ups all over. A common tactic of scareware that pretends to be warning of viruses, and offering a contact number to talk to someone about getting rid of it. In truth, the number is to scammers who try to get your information, or get access to your computer through a program like TeamViewer, professing to be fixing problems with your computer (in exchange for exorbitant payments, of course). For ransomware like RYUK, it is not uncommon for them to demand Bitcoin, since Bitcoin is untraceable.
How Dangerous is Ransomware?
Ransomware can be extremely dangerous, especially in the wrong hands, and it is only getting more dangerous as time passes. Ransomware has netted billions of dollars for these scammers, and measures have had to be taken to curb these profits.
One of the big threats behind ransomware is that even if you do agree to their demands, you may find that they don’t meet their end of the bargain. After all, why would they need to? Unless they have the law on their tail, they can just leave it as is. Best-case scenario, they may deign to give you the decryption key, as per their agreement.
As discussed above, ransomware can be used to get into contact with would-be victims in order to get money out of them. There are obvious risks to this, being the loss of money and dealing with potentially dangerous people, but one risk that you may not consider is the fact that they now see you as a mark. That is, if you are manipulated into believing that they are doing something about a virus on your computer instead of being the problem themselves, they will jot your number down to use in future scams, or may even sell your number to other scammers.
How Do I Avoid Getting Ransomware?
The best way to avoid ever getting ransomware in the first place is to be cautious. A person or organization most often falls victim to ransomware due to clicking on a spam email and clicking on a link or opening an attachment. Most harmful emails are caught by spam filters, but sometimes, they may be able to slip through the cracks. You need to anticipate this possibility, and any unfamiliar emails should be treated with extreme skepticism. Ransomware scammers are very good at tricking their would-be victims.
How Do I Deal with Ransomware if I Get One?
The moment you find yourself the victim of ransomware, the first thing you should do is disconnect from the Internet. The sooner you respond, the better, as you may be able to delete it before the ransom is made. Disconnecting from the Internet will help prevent the spread. Next, scan for any malicious software on your computer. If you’re lucky, you may be able to get it off your computer without concern.
While it may be tempting, it is not ideal to pay the ransom. It only encourages them to continue this behavior, and they may even regard you as a victim for future attacks.