By Savvy Cyber Kids April 14, 2018
Hackers have all kinds of methods to make your digital life a mess. One of the more vicious tools in a hacker’s arsenal is ransomware, a malicious piece of software that takes over your computer and threatens you with harm. This harm is usually in the form of denying you access to your data.
Ransomware is commonly delivered via phishing, which involves a hacker crafting an email, text message, or social media message that is written in such a way that you are compelled to click the link or open a document that is part of the message. The temptation to click and open anything has made phishing the most widely used technique for hackers to deliver their malicious software.
Other forms of ransomware delivery exploit security holes in your device’s operating systems. Certain vulnerabilities will allow a hacker to take control of your system without you having to do anything.
What happens next? The hacker will demand a ransom from you, promising — (and can you trust the word of a criminal?) — to restore access to the data once you pay the hacker the ransom. Most ransomware software encrypts your data so that it is unreadable or inaccessible. The only way to get your data back is to decrypt it with a mathematical key only known by the hacker, but only if you send an untraceable Bitcoin payment to the attacker (or so they say!).
So, if your system has been infected with ransomware and you’ve lost vital data that you can’t restore from backup, should you pay the ransom? The answer may depend if you are a big organization or just an individual. But generally, the guidance is to not pay the ransom. Law enforcement agencies urge victims not to pay ransomware attackers. They would argue that paying ransom only encourages hackers to create more ransomware. In addition, just because you pay the ransom fee, doesn’t mean the criminal hacker will send you the decryption key (they are criminals, remember?).
So, should you listen to the cyber-criminal and pay? WHOA…Time to take a breath before you pay anyone, anything.
You need to first verify that you are the victim of ransomware and not being manipulated with an empty threat. What looks like ransomware may not have actually encrypted your data at all. Make sure you aren’t dealing with “scareware” and go to your browsing history and delete your history. If this is a superficial attack, you may regain control of your computer. In addition, some ransomware encryption can be defeated by applying various techniques to restore your data.
Now, if you have accidentally and unfortunately stumbled across the real deal, a pirate in the world wide web, outside of taking the risk of paying the ransom, what can you do?
These steps to remove the malware from your computer and restore it to your control but it won’t decrypt your files. If you have not recently backed up your files, they may be lost…but at least the computer is back in your control.
So, to pay or not to pay is not the question. The question is, how can you protect yourself from ransomware so that this never happens to you?
There is no virtual justice system ensuring that those who use the internet for good are rewarded and that those who do otherwise face appropriate consequences. It’s up to you to keep yourself and your private information safe from cybercriminals.
Savvy Cyber Kids
See all posts from Savvy Cyber Kids.