Ransomware is the single biggest risk to your digital security. Capable of encrypting your data and leaving you unable to access vital personal files and folders, ransomware can be very expensive whether you opt to pay the ransom or not.
But are you really up to speed with how dangerous it really is? Here are five things you should really know about ransomware.
1. Ransomware Is a Massive Security Threat on Mobile
You’re probably more focused on ransomware hitting your desktop or laptop computer than other devices, but you would be wrong. While ransomware is a big risk to PCs, it’s also a huge risk to smartphones and tablets.
One example is Fusob (Trojan-Ransom.AndroidOS.Fusob), which was particularly active in Germany in 2015. Masquerading as an adult video player, Fusob targeted fans of adult material who were already eager to part with their cash for paid online services.
It isn’t only mobile devices that are at risk, but the operating systems that run them. In recent years, Android has been adopted as the OS of choice for several smart TV manufacturers (and smart TVs are considerable security risks even without ransomware).
Frantic Locker (aka FLocker) started out targeting Android phones and tablets before being revised and re-released as a ransomware for smart TVs. Locking your TV screen (imagine that happening during a Game of Thrones finale) and displaying a message alleging you’ve committed a crime, complete with law enforcement iconography, FLocker demands payment of $200 in iTunes gift card credits.
2. Backups, Drives, and Databases Aren’t Immune
One of the earliest methods of avoiding potential ransomware attacks was to your data in a separate location. This might have been a daily backup stored on a different device, for instance. Unfortunately, ransomware coders have become wise to this defense, and backups can now be encrypted and locked until the ransom is paid.
But did you know that modern ransomware can also encrypt databases and unmapped disk drives? While the first risk (typically executed by the Cerber ransomware) is mainly troublesome for businesses that operate SQL databases (pretty much every database-driven desktop and web application), the latter is particularly disconcerting. In this situation, database processes are terminated before the data is encrypted.
CryptoFortress was the first ransomware to lock files regardless of whether they were associated with a particular drive letter (or not). Locky is another ransomware that can encrypt data on network drives. These risks also affect cloud storage, although some services (such as Dropbox) will restore your data to its state before the ransomware attack.
3. Ransomware Affects Windows, Mac, and Linux
Perhaps the most stunning thing about ransomware is its reach. We’ve already considered its ability to lock mobile devices, encrypting the contents until you pay up. But it can devastate your desktop data too, regardless of which operating system you’re running.
There’s the old mantra, isn’t there, that Macs can’t get viruses. We’ve seen increasingly over recent years that this is untrue, with the increase in Mac-targeted malware. Quite simply: If enough people are using a platform, hackers will work to subvert it. The same is true of Linux; while desktop distros have an overall small market share, Linux server operating systems run the majority of websites currently online.
So, you’re not safe just because you’re using Mac or Linux, no more than you would be if you were using Windows. Ransomware can catch you out whatever operating system you’re using.
4. Ransomware Always Poses as Legitimate Software
When ransomware first materialised, it was usually introduced onto computers via email attachments. Over the years, this approach has been streamlined and improved; while you can still end up with ransomware on your computer thanks to an email, there are now other methods.
It’s important to realise that if you are the victim of a ransomware attack, it’s not something to feel ashamed of. The developers of these insidious pieces of software go to great lengths to produce malware that looks utterly convincing and totally reliable. Ransomware is typically hidden in applications and games; they have to look like the real deal in order for you to install and use them!
Mobile games, fake Windows Updates, “useful” applications and utilities… all of these methods (and others) are used to deliver ransomware to your PC or mobile. You need to be certain that the software you install is legitimate.
How do you do that? Well, if you’re not installing from published media (such as a CD or DVD), the best thing you can do is ensure that you download apps and games direct from the publishers, or an approved digital delivery system.
5. Beware Petya’s Total Disk Encryption
One of the most notorious ransomware strains, Petya, was first discovered in 2016, managed to infect Windows machines via infected email attachments. Rather than focusing on specific personal files (such as those found in My Documents, for example), it attacks the Master Boot Record (MBR), encrypting the file system table of a computer’s hard disk drive.
Leaving you unable to access your PC’s data, your computer will simply boot to a screen telling you how to make a Bitcoin payment to regain control of your PC.
As with any ransomware attack, Petya will leave your data locked. Sometimes it can be tempting to just delete the locked data and move on with a backup; but if Petya has paid a visit, and the backup is stored on the same HDD, you’re stuck. Fortunately, Petya has been cracked, so it is possible to rescue your encrypted data without paying the ransom.
How to Prevent and Fight Against Ransomware
Protecting your data from ransomware is vital. It doesn’t matter if you’re using Windows, Mac, Linux, or a mobile device. All are at risk from ransomware. So what can you do?
There are five key steps you should follow:
- Make regular backups.
- Keep your operating system up to date.
- Keep an eye out for suspicious files.
- Use mail filtering.
- Subscribe to a full internet security suite.
Want to learn more? Our guide to defending yourself against ransomware provides further details. Several useful tools have been released for decrypting your data, and the list is always growing. Meanwhile, check our list of the best security and antivirus tools to find a solution that can protect your data from ransomware.