Why Encrypting Your Data Won’t Protect You From Ransomware

Philip Bates 28-06-2017

No one wants to be a victim to cybercriminals. It’s why we’re so keen on encryption — indeed, the vast majority of people use encryption to some extent because locking your smartphone scrambles all your personal information 7 Reasons Why You Should Encrypt Your Smartphone Data Are you encrypting your device? All major smartphone operating systems offer device encryption, but should you use it? Here's why smartphone encryption is worthwhile, and won't affect the way you use your smartphone. Read More .


That’s exactly what encryption is: making your data unreadable without a special encryption key (i.e. a password). It’s the ultimate defense against cybercriminals, right?

Unfortunately, no. There are far too many myths about encryption Don't Believe These 5 Myths About Encryption! Encryption sounds complex, but is far more straightforward than most think. Nonetheless, you might feel a little too in-the-dark to make use of encryption, so let's bust some encryption myths! Read More that you simply shouldn’t believe. For instance, it won’t protect you from ransomware. Here’s why.

What Is Ransomware?

Let’s start by running through exactly what ransomware is A History of Ransomware: Where It Started & Where It's Going Ransomware dates from the mid-2000s and like many computer security threats, originated from Russia and eastern Europe before evolving to become an increasingly potent threat. But what does the future hold for ransomware? Read More . That’ll expose why encryption won’t work against it.

hacker in the matrix
Image Credits: medithIT via Flickr

Ransomware is malware that comes in a few variations, but they all boil down to one main element: malicious software that scrambles your data so that only a fraudster can decrypt it. Your personal information — your documents, images, browsing history, basically everything on your device — is rendered unreadable by this attack.


If you want your files back, the scammer tells you, you’ll have to pay up. Except the fraudster fails to unlock them, or encrypts your files again, so you can’t read any of it regardless.

It hit the headlines most recently because its WanaCryptor/WannaCry variant hit major infrastructures The Global Ransomware Attack and How to Protect Your Data A massive cyberattack has struck computers around the globe. Have you been affected by the highly virulent self-replicating ransomware? If not, how can you protect your data without paying the ransom? Read More around the globe, including the National Health Service (NHS) in the U.K. Medical institutions are especially vulnerable 5 Reasons Why Medical Identity Theft is Increasing Scammers want your personal details and bank account information – but did you know that your medical records are also of interest to them? Find out what you can do about it. Read More to cyberattacks, but even encryption wouldn’t combat ransomware.

Why Encryption Won’t Protect You

Ransomware isn’t about a scammer reading all your personal information. It’s about a scammer stopping you from getting to it.

Imagine you’ve written a book the old-fashioned way: you’ve handwritten it Hate Handwriting? Me Too. Here's Why We Should Teach It Anyway. We need to give young people the chance to love handwriting as an art, instead of making them hate it as a chore. Read More . Pages and pages of precious work. But so no one can read the manuscript before it’s published, you “encrypt” it by mixing up the page numbers. Only you know the right order.


Then someone steals your manuscript. They’ll give it back to you, if you pay a huge fee. Does it matter that they can’t read it because it’s jumbled up? Not at all. To add to your problems, the thief further jumbles up your pages, and only they know the order in which they were when stolen.

In this vein, it doesn’t matter whether you’ve encrypted certain files or your entire hard drive. A scammer encrypts it again, meaning your key won’t work until their key is used. It’s your padlocked safe within a scammer’s padlocked safe, if you will.

How Do You Protect Against Ransomware?

It’s completely understandable if all this sounds very scary Is Ransomware Really as Terrifying as You Think? Ransomware is a regular nuisance. A ransomware infection takes your computer hostage, and demands payment for release. Often, payment doesn't secure your personal files. But is it really as terrifying as you think? Read More . Ransomware is. But you can take measures to protect yourself from it Protect Your Data From Ransomware With These 5 Steps Ransomware is scary, and if it happens to you, it can make you feel helpless and defeated. That's why you need to take these preemptive steps so you don't get caught off guard. Read More .

Obviously, anti-virus software is your first line of defense. Shop around and find the ideal one 4 Things to Consider When Buying a Security Suite McAfee, Kaspersky, Avast, Norton, Panda - all big names in online security. But how do you decide which to choose? Here are some questions you need to ask yourself when purchasing anti-virus software. Read More for you (because Windows Defender isn’t enough How To Remove Windows Defender & Why You Might Want To Read More ). It’s well worth spending extra cash if you’re certain a particular security suite is the right one, but even free anti-virus and firewall services can adequately defend your PC. However, what you’re looking for is a tool with the ability to monitor your personal files and folders. Better still, it should be able to lock those directories from access from any applications unless specifically allowed. BitDefender is a good option here.


Naturally, it’s always important you update your system on a regular basis, so patches fix any vulnerabilities found since the last OS upgrade. If you’re running Windows 10 or 7, you’d be immune to WannaCry — as long as the system’s up to date. Similarly, Microsoft issued a Windows patch after the worldwide ransomware attack, so users of older systems will need to automate updates.

ransomware distribution graph
Image Credits: Tomkie sFastyne via Flickr

The most important thing, however, is a reliable backup of all your files. You have to make sure new files are added to it on a routine basis (pencil it in on your calendar, maybe once a week) and then unplug your backup.

Because ransomware can encrypt your backup too. If you leave it plugged in, the attack can spread and your precaution is an entirely moot point.


CryptoLocker is an especially nasty example CryptoLocker Is The Nastiest Malware Ever & Here's What You Can Do CryptoLocker is a type of malicious software that renders your computer entirely unusable by encrypting all of your files. It then demands monetary payment before access to your computer is returned. Read More , first propagated via email attachments (using a phishing technique What Exactly Is Phishing & What Techniques Are Scammers Using? I’ve never been a fan of fishing, myself. This is mostly because of an early expedition where my cousin managed to catch two fish while I caught zip. Similar to real-life fishing, phishing scams aren’t... Read More ). Once in your computer, it scans the hard-drive for file extensions and additional connections — which not only means it’ll encrypt a backup drive connected through a USB, but also that it infects cloud systems Yes, Ransomware Can Encrypt Your Cloud Storage Several ransomware variants not only attack your main hard drive, but other system drives -- including cloud storage! The time has come to consider how you backup your files and where to keep them. Read More !

Obviously, you should abide by general security practices regardless. Not downloading suspect files will help in the fight against any sort of malware. Equally, checking a site is the real deal is always advisable. There’s one other way to help keep your data safe, aside from if ransomware hits…

What Use Is Encryption?

Yes, we’re back to encryption.

Let’s not get carried away: encryption might not work against ransomware, but it’s still a very solid form of defense against many other attacks — because it stops your personal information falling into the wrong hands.

A passcode will prove difficult for a criminal to crack if your smartphone is stolen. If you’re submitting details online, a website’s SSL/TSL certificate How Web Browsing Is Becoming Even More Secure We have SSL certificates to thank for our security and privacy. But recent breaches and flaws may have dented your trust in the cryptographic protocol. Fortunately, SSL is adapting, being upgraded - here's how. Read More will stop onlookers by certifying a genuine link between the two clients. If your data is intercepted via a public network 5 Ways Hackers Can Use Public Wi-Fi to Steal Your Identity You might love using public Wi-Fi -- but so do hackers. Here are five ways cybercriminals can access your private data and steal your identity, while you're enjoying a latte and a bagel. Read More , perhaps through a man-in-the-middle attack What Is a Man-in-the-Middle Attack? Security Jargon Explained If you've heard of "man-in-the-middle" attacks but aren't quite sure what that means, this is the article for you. Read More (MITM), it’ll be unreadable if you use a virtual private network (VPN) as long as you use one!

Your data is worth a fair amount Here's How Much Your Identity Could Be Worth on the Dark Web It's uncomfortable to think of yourself as a commodity, but all of your personal details, from name and address to bank account details, are worth something to online criminals. How much are you worth? Read More to a scammer, but it’s worth more to you. Never underestimate encryption. But don’t forget that it’s just one tool in your arsenal against cybercriminals.

Worried About Ransomware?

Everyone should be, within reason.

Only a relatively small number of folk actually become victims of ransomware. And if you’re unlucky enough to be in that minority, you should stand by your guns and not pay up 5 Reasons Why You Shouldn't Pay Ransomware Scammers Ransomware is scary and you don't want to get hit by it -- but even if you do, there are compelling reasons why you should NOT pay said ransom! Read More , however tempting it is.

Encryption won’t save you in such an instance, but necessary procedures should 12 Tools You Can Use to Help Beat Ransomware One of the biggest issues facing computer users is ransomware. And while a ransomware infection is notoriously difficult to fight, it isn't impossible. See how these tools can help. Read More .

Have you ever been victim to ransomware? What did you do? Have you any further tips our readers should know about?

Related topics: Encryption, Ransomware.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. ReadandShare
    June 30, 2017 at 12:00 am

    @Philip (or anyone who might know)... Would "hiding" files so they are not visible keep them from being scrambled by ransomware?

    I use USBSecurity from Kakasoft. It claims to encrypt my data files but given it takes only two seconds to encrypt or decrypt gigabytes of data files, I believe all it does is simply hide those files from view - not any kind of actual encryption.

    BUT, once the files are hidden, they are hidden from Windows Explorer - even if you uncheck "hide system files" and check "view hidden files". Those file names cannot be seen until you enter a password. SO, if I can't see those files at all, perhaps ransomware can't either?

    • Philip Bates
      July 16, 2017 at 11:40 am

      It largely depends on the ransomware that's used, but most are aware of hidden files so yes, you'd still be affected, I'm afraid. Sorry. All this makes ransomware sound really quite terrifying, and it is scary, but I think as long as you take basic precautions, you should be okay.

  2. likefunbutnot
    June 28, 2017 at 10:01 pm

    One solution, if you know what you're doing, is to store your backups on a target that does not allow the source computer to change the files once they're transferred. Copying data to tape works really well for this, since it's not directly attached storage. Another option is to move backed-up files out of a stored location that the source computer can view or write to, via a script or manual interaction with the backup target.

    • Philip Bates
      July 16, 2017 at 11:41 am

      Great advice - thanks :)