RANSOMWARE

Held Hostage


In light of the recent (and still ongoing) WannaCry Ransomware attacks, I think it might be worth a quick security review.

Firstly - What is Ransomware?

Ransomware is a kind of software that runs on your computer and works to keep you from using your computer or accessing your files until you pay a fee. Less complex ransomware attacks can be beaten without paying up but the more advanced software will often encrypt your files, preventing you from being able to access them at all - in several cases, the ransomware will give you a deadline to pay by, and if you fail to pay in time it will delete the encrypted files.

So now that we know what it is, how does it get onto your machine?

Similar to most viruses and other things that can affect your computer, ransomware has to be downloaded onto your hard drive - and in most cases, it will be downloaded by you.

Normally disguising itself by using a Trojan, ransomware software will masquerade as a legitimate file or will hide amongst other legitimate files, tagging along with your download and infecting your computer once it's been downloaded.

How do the hackers get away with it?

In most cases, the perpetrators of ransomware attacks will vanish without a trace once they've been paid. They achieve this through a variety of methods and by relying on multiple knowing (and unknowing) accomplices. In the case of the WannaCry Ransomware, the hackers demanded the money be paid through BitCoin - an untraceable cryptocurrency, commonly used on the Dark Web.

While cryptocurrencies like Bitcoin are becoming an increasingly popular way for hackers to take payments, there are other ways that they can make money without being caught. Hackers can use PayPal (as they don't have to connect any personal information past an email address to accept payments), MonkeyPak, or use cards to take payments that are passed sometimes through less-than-reputable banks and payment processors, or sometimes passed straight into a legitimate bank account and then split up and transferred to separate accounts (this ties into the email scam that promises you money if they can use your bank account to store a large amount of cash for a short time).

How can you protect yourself from Ransomware?

There are a few ways to manage this, depending on which OS you're running. Windows users (Windows 7, Windows 8 etc.) should keep up-to-date with the latest security patches put out by Microsoft - and should make sure that you're downloading the security patches from the official Microsoft site. Mac users should seek out effective and well-trusted antivirus software, reading reviews to make sure that the software is safe.

Further, you can protect yourself by being a little selective about any files you're downloading - as long as you keep your browsing legitimate then you shouldn't have much trouble, but if you're Torrenting files or pirating .mp3s from the murky backwaters of the internet, you might want to keep an eye out.