Protect Your Computer From Ransomware Before You "WannaCry"

I hope you know about "malware" or in the extended form "malicious software". When we talk about malware, it includes several harmful things like spyware, adware, viruses, worms and even pop-ups. Along with all these, "Ransomware" is a type of malware which will provide you with a loss of 200-10,000 dollars or more. Everyone saw the power of Ransomware on last May, with the attack of "WannaCry".

What is "Ransomware"?

As I mentioned above it is a sophisticated type of a malware which can lock your files. If you want to regain your files, then you must pay a ransom. There are two types of Ransomware,

1) Encrypting Ransomware, which encrypts your files.

2) Locker Ransomware, which locks you out of your operating system.

Sometimes if you don't pay it within a week or a number of hours, the ransom will double.

Ransomware attack 2017

A Ransomware named "WannaCry" began its attack on the Friday 12th May 2017 infecting more than 230,000 victims in over 150 countries. Some of the victims were UK's National Health Service(NHS), Spain's Telefonica, FedEx, Deutsche Bahn and more. The target was Microsoft Windows Operating Systems. Some other organiztions which were affected by WannaCry are, Honda, Hitachi, Renault, Cambrian College Canada, Portugal Telecom, Russian Railways etc.

*** WannaCry is just one Ransomware. There are more Ransomwares like CryptoLocker, Locky, Petya, Crysis, zCrypt, HydraCrypt etc.

How does it spread? Who is aimed?

Typically a pop-up opens telling you that you need to update a particular software. More often the thing comes as advertising for Adobe Acrobat, Java and Flash Player updates. Torrents are one way with ads used to distribute malware, so be careful.

Other than that it can be spread by,

Spam emails with malicious links.

Vulnerable software

Redirections to malicious websites

SMS messages (when targeted to mobiles)

Botnets

More than ordinary users organizations such as police departments, city councils are being aimed by Ransomware. They are so cruel that they would even aim at hospitals and schools. Most of the organiztions had to pay a ransom worth $10,000 to $40,000.

(above image is from https://heimdalsecurity.com )

Public institutions are targeted since the hacker can get a lot of money and it's more guaranteed that they'll pay. But home users are targeted mainly because they lack even basic protection, they don't update software regularly, lack of cyber security education which means they'll click on anything.

How do I know my computer is infected?

If it is infected the screen will display a message like these ones,

How does Ransomware work?

When your computer is infected by Ransomware it finds several file extensions such as JPG, XLS, PNG, DOC and PPT. The hacker wants the type of documents and images which you consider to be very important. Then he encrypts them all. After that, the malware provides you a site to access, you typically needs to use Tor browser to access these sites. And you need to buy bitcoins to pay the hacker.

How can I protect from Ransomware?

Okay, so in order to prevent from this malware you can take some steps.

1) Keep back-ups!!! Always keep a back-up of your important files in an external hard drive.

2) Don't store important data on your computer, keep them in an external hard drive.

3) Virus guards are not always helpful with this, but make sure your virus guard is updated.

4) Update software and operating system. Do not download software from suspicious sites.

5) Make sure you have made your browser's settings to increase privacy and protection.

6) Watch before you add pug-ins and add-ons, remove outdated ones.

7) Use an adblocker to block malicious ads.

8 ) Never open spam emails or emails from unknown senders.

9) Keep away from downloading attachments from suspicious emails.

10) Do not click on links sent by suspicious emails.

Remember!!! If you need to update software like Adobe Acrobat, Flash Player, Java, Silverlight or anything else, please go to their official site to update them. Don't update using unofficial sites.