Episode 7: Social Engineering – Ransomware

What is Ransomware

Ransomware is a subset of malware, it can be as simple as someone threatening to publish information about you or lock your system so you can not use it.

When ransomware attacks were first noticed, they targeted individuals. As criminals realized that businesses were a more lucrative target, most attacks are now directed at businesses. That doesn’t mean that the criminals won’t attack individual computers. Individuals are more likely to see tech support scams, and screen lockers.

Ransomware is usually spread by phishing emails, malicious social media links, or software being installed from an infected webpage invisibly in what is called drive-by-download.

A more advanced version of this is called cyrpto-viral extortion.  This severe form of ransomware encrypts the victim’s files, making them inaccessible. The threat actor then demands a ransom payment to decrypt them. This is what you saw in the Colonial pipeline attack in early 2021. The system remain unavailable until the ransom is paid. Usually payment is requested in cryptocurrency.

McAfee lists ransomware as “one of the fastest growing areas of cybercrime”. Many times the vicitms are small businesses or small government agencies that may not have the resources to train their people to avoid these attacks, or their networks may be less secure due to budget constraints.

How To Protect Yourself

  1. Keep your software updated – most software updates include security patches that close potential holes in the software itself.
  2. Keep backups of your data – use a cloud backup service, or even USB external hard drives to save new or updated files. Do not leave these backup devices attached to your computer all the time. After backing up your data, detach the backup device. Otherwise they are subject to ransomware as well.
  3. Use Security software – there are many commercial security software packages available that will scan your computer proactively to protect from ransomware attacks. If you choose to use software, use a reputable software company. (Microsoft Windows Defender, McAfee, Malwarebytes, Sophos, Norton etc.)

What If I am a Victim

If you are a victim of ransomware, the first thing to remember is never to pay the ransom. There is no guarantee that the attacker will follow through and release your information. We also don’t want to encourage the criminals to continue.

Reach out to a competent IT professional that can help you recover your system. They may not be able to recover your files (that is why backing up your data is vital), but they can remove the ransomware and clean your system.

Report the ransomware to the FBI. It is important to share the information with the authorities so they can protect others and search for the criminals. Being a victim of a crime isn’t something to be ashamed of. The criminals are more and more sophisticated and everyone is vulnerable to attack.

Leave a Comment