The world of technology has always a fight between good and the evil. While the good forces try to keep crackers and malware at bay, the bad forces always come up with something eviler than before, something more unstoppable and harder to break.
Ransomware is a special type of malware, but unlike other malware that merely act like thieves to steal your data, or dacoits that delete your data, this malware is smart. It is a cyber version of kidnapping, and keeps your system hijacked, until you pay a ransom, some money, to free your system back.
What does Ransomware do?
- Prevent you from accessing Windows.
- Encrypt files so you can’t use them.
- Stop certain apps from running (like your web browser).
Types of Ransomware:
There are two types of ransomware – lockscreen ransomware and encryption ransomware.
Lockscreen ransomware shows a full-screen message that prevents you from accessing your PC or files. It says you have to pay money (a “ransom”) to get access to your PC again.
Encryption ransomware changes your files so you can’t open them. It does this by encrypting the files – see the details for enterprises section if you’re interested in the technologies and techniques we’ve seen.
How does a computer become infected with ransomware?
- SPAM e-mails – by opening e-mail attachments in SPAM e-mails.
- Operating system or software exploit – The malware exploits a security vulnerability in the computer’s operating system or an application that is installed on the computer.
- Visiting unsafe, suspicious, or fake websites.
- Clicking on malicious or bad links in e-mails, Facebook, Twitter, other social media post and instant messenger chats, like Skype.
How to beat Ransomware?
Due to the encryption of the files, it can be practically impossible to reverse-engineer the encryption or “crack” of the files without the original encryption key – which only the attackers will have access to.
- Prevent SPAM e-mail from reaching end users.
- Educate users not to open any attachments that they are not expecting.
- Ensure local anti-virus is up to date on all computers and is active (To ensure that the user has not disabled the protection).
- Ensure your central shares (that endpoints update from) are receiving updates from Sophos Update Manager – check your console.
- Avoid opening any attachment emailed to you that you were not expecting.
- Watch out for e-mails with attachments suggesting you to reply quickly or ‘act faster’ and hence feel compelled to open the attachment quickly – without considering the source.
- Move your mouse point over the shield and ensure ‘On-access scanning: disabled’ is not shown.
The Security team at Anglo African will be pleased to assist you in reviewing some or all of your processes that you currently have or the challenges that you might be facing. Contact us on firstname.lastname@example.org or 2331636