Ransomware: Your money or your (online) life!
By Bridget Kenyon, on 10 February 2017
Hopefully most people will have heard the word “ransomware” before, but it’s getting to be big business. Here’s a quick breakdown of what you need to know, and what you need to do.
Ransomware is basically a way of forcing people to pay money for their own information. It works as follows:
- You get an email directing you to click on a link or open an attachment
- You click on the link or open the attachment
- The website you visit, or the attachment you open, changes (encrypts) all your files so you can’t open them
- You get a notification that your files have been made unusable, with a demand to pay money to get them back
- You may pay the ransom, and may, or may not, get your files back (how much do you trust the person who just stole your files?)
There are whole “businesses” based on creating ransomware, distributing it and gathering ransoms. Some of these run franchises, like big burger chains do.
Ransoms are usually paid in Bitcoin, which is a form of online money. It even has an exchange rate with other currencies like dollars or pounds sterling. Bitcoin is designed to make it hard for the police to trace the payment and find the attacker.
The files which people are most upset to lose are often photographs of family and friends.
Ransomware is often spread by plausible-looking fake emails from banks, your employer/university, or online services like PayPal asking you to click on a link, open an attachment or fill in a form. These emails are called “phishing” emails.
Phishing emails are also used to trick you into handing over your information, e.g. bank details.
What you can do
We often hear people saying things like “It’s all too much to understand”, or “I’ll just stop using the Internet, then!”. Totally understandable, but there is a more realistic approach which isn’t as drastic or inconvenient.
Think about the things we all do every day to keep clean. We wash our hands when they get dirty. We (hopefully) shower or bathe. We wear gloves if handling something unusually messy or corrosive. We change our clothes, and wash them. We keep cuts clean and apply antiseptic. The overall aim is to keep our friends, and avoid infections.
Now imagine you had to write all of this down: when to wash, how to wash, what sort of gloves to wear… Anyone reading your instructions will say “Wow, that’s a lot to do! I can’t imagine that being practical.” But it’s normal: you’ve made it a part of your day, and you probably don’t even think about it. It’s all basic hygiene.
How does this relate to ransomware? Simple. Managing your risk of infection by ransomware is also achieved by basic hygiene.
- If you have a cut, you bandage it and help it heal. If you have a computer with a security flaw, you apply the security patch (these can be set up to happen automatically, just like healing happens automatically).
- When you’re going to be doing something messy, you wear gloves. If you are on the Internet, you make sure you have antivirus software installed.
- If you see food with maggots on it, or which looks a bit dodgy, you don’t eat it. If you get an email or other message which looks wrong, you don’t believe what it says, or do what it asks you to do.
Your health insurance
Everyone has a weak spot; it’s not possible to guarantee that you’ll never get an infection. So keep a copy of your important files somewhere else, where you have to use a different password to get at it. You could also keep a copy of the files on a secure USB stick (don’t leave it plugged in). If you do this, then if you get ransomware, you can avoid paying the ransom, and just recover your files from the safe place you left them in.
But how do I recognise dodgy emails?
Remember learning what dodgy/tainted food looked like? Often, you learned from other people or from school. Recognising ransomware isn’t part of the National Curriculum, as far as I know, so try our anti-phishing game to get you started. You can also run through the phishing module in the Information Security Awareness course.